Apps like ANDROIDOS_DROIDSMS.A and ANDROIDOS_SMSREP.A were designed to send unauthorized text messages to known premium-rate numbers, which may lead to unnecessary and costly charges for affected users.
Apps like ANDROIDOS_SNAKE.A, ANDROIDOS_GEINIMI.A, ANDROIDOS_ADRD.A, ANDROIDOS_LOTOOR.A, ANDROIDOS_FAKEAP.A, and ANDROIDOS_FSPY.A puts affected users at risk of information theft.
AndroidOS_DROISNAKE.A, in particular, when used with another app known as GPS SPY can give out an affected user’s GPS location even if the former is not currently running on the infected device. Similarly, AndroidOS_FSPY.A monitors an infected device’s GPS location. Mobile devices infected with this malware are also prone to security breach, at these enable a remote user to listen in to an affected user’s calls and to control an infected device via SMS.
Users whose mobile devices have been infected with ANDROIDOS_GEINIMI.A are at risk of becoming part of a mobile botnet. Becoming so puts them at risk of losing installed apps on their mobile devices.
ANDROIDOS_ADRD.A was primarily designed as a click-fraud Trojan that can put affected users at risk of exorbitant charges.
Apart from information theft, ANDROIDOS_LOTOOR.A also roots infected devices. Rooting allows a remote user to gain root privileges on an infected device. This malware uses two well-known binaries, namely rageagainstthecage and exploid, to root infected devices. It is also capable of downloading and installing other apps onto infected devices without the user’s knowledge. Users who downloaded the Trojanized version of Android Market Security Tool aka ANDROIDOS_BGSERV.A are also susceptible to information theft.