ANDROIDOS_TROJSMS.C

This app pretends to be related to Euro 2012. It listens to messages from Android C2DM server and sends out certain text messages according the C2DM message. C2DM is a message pushing architecture provided by Google. For those developers who want to push messages to app users, they first send the messages to Google's C2DM server, which in turn pushes messages to the user's phone.

This Trojan may be manually installed by a user.

Arrival Details

This Trojan may be manually installed by a user.

NOTES:

This app pretends to be related to Euro 2012.

Instead, this app listens to messages from Android C2DM server and sends out certain text messages according the C2DM message. C2DM is a message pushing architecture provided by Google. For those developers who want to push messages to app users, they first send the messages to Google's C2DM server, which in turn pushes messages to the user's phone.

Upon installation, the app requires permissions to send and receive text messages.

When the main activity runs, it registers to receive C2DM messages, as shown in the code:

When messages arrive, the app triggers and sends out text messages. The phone numbers are determined based on the country code and SIM card operator code, so that different victim phones using different carrier operators, or in different countries, will send different text messages in order to book premium service: