Skip to content

Export page to PDF
ANDROIDOS_DROISNAKE.A

Overview


Trend Micro has flagged this spyware as noteworthy due to the increased potential for damage, propagation, or both, that it possesses. Specifically, it runs on mobile phones with Android operating system.

To get a one-glance comprehensive view of the behavior of this Spyware, refer to the Threat Diagram shown below.

This malware works alongside GPS Spy. It disguises as an Android game application.

A malicious user may physically install this application by downloading it using the Android Market on a targeted phone.

However, the malicious user must register the application by entering an email address and a key that the malicious user uses in order to track the affected phone using GPS Spy app.

It then retrieves the current GPS coordinate of the affected phone and sends it via HTTP Post.

The malicious user may then use the email and the key on the GPS Spy app to be able to track the affected file.

This spyware may be manually installed by a user.

Technical Details


File size: 25,968 bytes
File type: Other
Memory resident: Yes
Initial samples received date: 17 Aug 2010

Arrival Details

This spyware may be manually installed by a user.

NOTES:

Other Details

Based on analysis of the codes, it has the following capabilities:

  • This malware works alongside GPS Spy
  • It disguises as an Android game application.
  • A malicious user may physically install this application by downloading it using the Android Market on a targeted phone.
  • The malicious user must register the application by entering an email address and a key that the malicious user uses in order to track the affected phone using GPS Spy app.
  • It then retrieves the current GPS coordinate of the affected phone and sends it via HTTP Post on the following address: http://{BLOCKED}apoints.appspot.com/addPoint?email=%_email_%&code=%_key_%&time=%_currenttime_%&lat=%_latitudecoordinate_%&lng=%_longitudecoordinate_%&pro=%_provider_%&acc=%_accuracy_%
  • The malicious user may then use the email and the key on the GPS Spy app to be able to track the affected file.

Solution


Minimum scan engine: 8.900
Trend Micro Mobile Security Pattern Version: 1.105.00
Trend Micro Mobile Security Pattern Release Date: 13 Jun 2011

Step 1

Trend Micro Mobile Security Solution

Trend Micro Mobile Security Personal Edition protects Android smartphones and tablets from malicious and Trojanized applications. The App Scanner is free and detects malicious and Trojanized apps as they are downloaded, while SmartSurfing blocks malicious websites using your device's Android browser.

Download and install the Trend Micro Mobile Security App via Google Play.

Step 2

Remove unwanted apps on your Android mobile device

[ Learn more ]

Did this description help? Tell us how we did.

Connect with us on