Anti-Malware Research

A quick run-down of known Android trojans’ functions

The Android-based e-threats found so far are exclusively trojans, masquerading either as legitimate or as pirated versions of popular applications. Only one in particular functions as a trojan downloader, and that only on rooted devices.

Otherwise, these e-threats exhibit lots of variation in their behavior and purpose. Some are designed to steal data: SMS messages get forwarded to a certain number, while location data and IMEI and IMSI numbers get sent to remote servers, and so on.

Others are designed to rack up charges for dubious services on the phone bill, a certain percentage of which goes into the virus writers’ pockets. This is the preferred method in Russia, apparently.

Yet others are designed simply to perpetrate click fraud: they can be instructed to access certain addresses at certain intervals, so as to appear, for instance, as if the user of the affected device is clicking a banner or a text ad somewhere. Of course, the advertising revenue then finds its way into the crooks’ pockets.

The issue is made rather simple by the fact that Android needs explicit permission to install apps: one needs to inform the users that some apps in particular are e-threats, before they get conned into believing otherwise.

About the author



Razvan Stoica is a journalist turned teacher turned publicist and technology evangelist. When Bitdefender isn't paying him to bring complex subjects to wide audiences, he enjoys writing fiction, skiing and biking. Razvan Stoica started off writing for a science monthly and was the chief editor of a science fiction magazine for a short while before moving on to the University of Medicine in Bucharest where he lectured on the English language. Recruited by Bitdefender in 2004 to add zest to the company's online presence, he has fulfilled a bevy of roles within the company since. In his current position, he is primarily responsible for the communications and community-building efforts of the Bitdefender research and technology development arm.

