Skip to content

Export page to PDF
ANDROIDOS_AUTOSUBSMS.A

Overview


This Android malware abuses premium services specially targeting China Mobile subscribers. Specifically, it includes SMS receiver that monitors SMS messsages and automatically subscribes users to premium services.

To get a one-glance comprehensive view of the behavior of this Trojan, refer to the Threat Diagram shown below.

It also monitors messages that contain certain keywords that come from numbers that starts with 10658 or 10086.

This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

Technical Details


File size: Varies
File type: DEX
Memory resident: No
Initial samples received date: 17 Aug 2011

Arrival Details

This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

NOTES:

This malware monitors the keywords 回复任意内容 and 超市 and if these are present in the body of received SMS mesages. If the said condition is met, it sends a reply containing Y as the message. This reply automatically subscribe users to premium services, without their consent.

It also monitors messages that contain any of the following keywords that come from numbers that starts with 10658 or 10086:

  • 爱情来啦
  • 爱情来了
  • 超市

It then deletes the received mesage automatically once the above conditions are met.

Solution


Minimum scan engine: 8.900
Trend Micro Mobile Security Pattern Version: 1.127.00
Trend Micro Mobile Security Pattern Release Date: 21 Aug 2011

Step 1

Trend Micro Mobile Security Solution

Trend Micro Mobile Security Personal Edition protects Android smartphones and tablets from malicious and Trojanized applications. The App Scanner is free and detects malicious and Trojanized apps as they are downloaded, while SmartSurfing blocks malicious websites using your device's Android browser.

Download and install the Trend Micro Mobile Security App via Google Play.

Step 2

Remove unwanted apps on your Android mobile device

[ Learn more ]

Did this description help? Tell us how we did.
Analysis By: Michael Cabel

Connect with us on