
New Android Trojan almost impossible to remove

IT security company Kaspersky says it has discovered a new kind of malware, currently on Android devices only, which is almost impossible to remove. The Trojan spreads itself by sending SMS messages to your contact list, downloading itself onto those devices and installing other malicious software on the smartphone without permission. The Trojan also uses Bluetooth to send malware to other devices (not just smartphones) and executes commands in the console without permission.

The Trojan will try to get administrator privileges (using the command “su id”). Once it obtains these, the Trojan is impossible to remove, turning your Android phone into a ticking time bomb. Kaspersky has informed Google about the issue but has not received any reply yet.

Currently only 0.15% are infected with this virus, but this number is expected to go up dramatically over the next few weeks.

The Trojan is detected as “Backdoor.AndroidOS.Obad.a”. Here is what the Trojan does, from start to finish:

  1. Send text message. Parameters contain number and text. Replies are deleted.
  2. PING.
  3. Receive account balance via USSD.
  4. Act as proxy (send specified data to specified address, and communicate the response).
  5. Connect to specified address (clicker).
  6. Download a file from a remote server and install it.
  7. Send a list of applications installed on the smartphone to the server.
  8. Send information about an installed application to the server.
  9. Send the user’s contact data to the server.
  10. Remote Shell. Executes commands in the console, as specified by the cybercriminal.
  11. Send a file to all detected Bluetooth devices.

There are several ways you can reduce the risk of getting malware on your Android device. Here are a few of them:

  1. Disallow apps from unknown sources
  2. Allow Google to check the apps on your device
  3. Check the permissions an app requests when installing it
  4. Keep your phone updated with the latest Android version
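
The permission check in step 3 can be done systematically. The script below is an added example, not code from Kaspersky or from the original article: it reads an app's decoded `AndroidManifest.xml` and reports which of the behaviours listed above the requested permissions would allow. The behaviour-to-permission mapping, the threshold and the sample manifests are assumptions constructed for the example.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"
P = "android.permission."

# Assumption: permissions an app would need for each behaviour in the list
# above. This mapping is constructed for the example, not taken from Kaspersky.
BEHAVIOURS = {
    "send text messages": {P + "SEND_SMS"},
    "delete SMS replies": {P + "RECEIVE_SMS", P + "WRITE_SMS"},
    "query balance via USSD": {P + "CALL_PHONE"},
    "upload contact data": {P + "READ_CONTACTS", P + "INTERNET"},
    "send files over Bluetooth": {P + "BLUETOOTH", P + "BLUETOOTH_ADMIN"},
}

def audit_manifest(xml_text):
    """Return (behaviours the requested permissions allow, asks_device_admin)."""
    root = ET.fromstring(xml_text)
    requested = {e.get(ANDROID + "name") for e in root.iter("uses-permission")}
    possible = sorted(b for b, need in BEHAVIOURS.items() if need <= requested)
    # A receiver guarded by BIND_DEVICE_ADMIN means the app can ask the user to
    # make it a device administrator; it then resists uninstall until revoked.
    admin = any(r.get(ANDROID + "permission") == P + "BIND_DEVICE_ADMIN"
                for r in root.iter("receiver"))
    return possible, admin

def verdict(xml_text, threshold=3):
    """'review' when the combination is broad enough to deserve a closer look."""
    possible, admin = audit_manifest(xml_text)
    return "review" if (admin and possible) or len(possible) >= threshold else "ok"

def sample_manifest(perms, admin=False):
    """Build a constructed manifest for the demo (hypothetical package name)."""
    uses = "".join(f'<uses-permission android:name="{P}{p}"/>' for p in perms)
    recv = (f'<receiver android:name=".Admin" android:permission="{P}BIND_DEVICE_ADMIN"/>'
            if admin else "")
    return ('<manifest xmlns:android="http://schemas.android.com/apk/res/android" '
            f'package="com.example.demo">{uses}<application>{recv}</application></manifest>')

SUSPICIOUS = sample_manifest(
    ["SEND_SMS", "READ_CONTACTS", "INTERNET", "BLUETOOTH", "BLUETOOTH_ADMIN"], admin=True)
BENIGN = sample_manifest(["INTERNET"])

if __name__ == "__main__":
    for name, xml_text in (("suspicious", SUSPICIOUS), ("benign", BENIGN)):
        print(name, verdict(xml_text), audit_manifest(xml_text))
```

A "review" result only means the permission set is broad enough to justify a closer look; legitimate messaging or device-management apps can request the same permissions.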

Source: Securelist