Search
Keyword: androidos_usbattack.a
text messages stored in the C2DM (Android Cloud to Device Messaging) server when it is running. It uses the Google framework to get the data. It then sends a text message to a phone number. If the
NOTES: This malware is a legitimate app repackaged with malicious code. The malicious code is disguised to resemble the legitimate SDK named umeng . This is to avoid detection. It registers its
This malicious app is known as Brightest Flashlight Free . It gathers various information on the affected device. It may connect to a C&C server to send information gathered. It is capable of setting
NOTES: When the user installs this malware, it creates an icon like Google Play. It contains the following malware APKs in its assets folder: 1.apk 2.apk 3.apk 4.apk 5.apk 6.apk 7.apk 8.apk Once
NOTES: This malware pretends to the popular game NFS Hot Pursuit by using the same app name and icon. In reality, this malware is simply a downloader. Once installed, the malware will ask the user to
. However, as of this writing, the site is inaccessible. This malware disguises itself as a shortcut app named My HRMIS & JPA Demo . Once installed, it allows users to connect to the following URLs:
adware development kit. It pushes advertisements to the user in such a way that the user has no knowledge of which app the advertisement is coming from. It also steals information from the affected device,
NOTES: This ransomware arrives via a malicious link in porn websites. After a user installs and opens it, it kills all apps except itself and system setting. It then displays a warning informing
call records stored in the infected device. FakeSpy can also serve as a vector for a banking trojan. Once launched, FakeSpy will start monitoring for text messages that the affected device receives.
This Trojan gathers device information. This is the Trend Micro detection for Android applications bundled with malicious code. Mobile Malware Routine This Trojan is a file that collects the
To get a one-glance comprehensive view of the behavior of this Trojan, refer to the Threat Diagram shown below. This malware mines bitcoins via mobile devices. It imitates the app TuneIn Radio to
NOTES: This malware exists in many tampered customized phone rom images as a backdoor open to cybercriminals. If users try to flash this kind of tampered image into the device, it puts their devices
NOTES: This Android malware downloads malicious apps without the user's authorization. This routine may result in extra charges to the affected user. Upon analysis of this Trojanized app, a malicious
remote servers and installing any applications to the Android devices without user's authorization. When a user launches the application, Moplus SDK automatically sets up a local HTTP server on the device
remote servers and installing any applications to the Android devices without user's authorization. When a user launches the application, Moplus SDK automatically sets up a local HTTP server on the device
remote servers and installing any applications to the Android devices without user’s authorization. When a user launches the application, Moplus SDK automatically sets up a local HTTP server on the device
This spyware displays pop-up advertisements. It uses common file icons to trick a user into thinking that the files are legitimate. This is the Trend Micro detection for Android applications bundled
android.permission.PROCESS_OUTGOING_CALLS intercept outgoing calls When the malware is executed, it configures the FTP server and the phone number. The phone number is a key in reopening the setting panel. By setting the phone number, the
NOTES: This malware disguises itself as a bank dynamic token generator, which may fraud bank customers. It is running another background service that monitors user's incoming SMS. Every incoming SMS
This malware is a generic Android device root tool. Rooting allows users the ability to change system settings, run apps, and perform other privileges that are often inaccessible to normal users.