Skip to content
1-888-762-8736(M-F 8:00am-5:00pm CST)
1-877-218-7353(M-F 8:00am-5:00pm CST)
href="http://www.trendmicro.com/us/enterprise/index.html" id="ENT-overview-test2" title="SEE ALL ENTERPRISE SOLUTIONS">Enterprise Overview
This Android OS backdoor has the increased potential for damage, propagation, or both, that it possesses. Specifically, it is a Trojanized version of the official Android Market Security Tool for Google, which is capable of manipulating SMS and connecting to a remote URL to send and receive information.
To get a one-glance comprehensive view of the behavior of this Backdoor, refer to the Threat Diagram shown below.
This backdoor is capable of gathering device information and monitoring SMS and calls. It may also download other files that could possibly be malicious.
This backdoor may be unknowingly downloaded by a user while visiting malicious websites.
This backdoor connects to the following URL(s) to send and receive commands from a remote malicious user:
Based on the analysis of its code, this backdoor has the following capabilities:
It is a Trojanized version of Google's Android Market Security Tool. The said tool is designed to clean the effects of another Trojanized application, which Trend Micro detects as ANDROIDOS_LOTOOR.A. The said tool is also capable of gathering device information and monitoring SMS and calls. It may also be used by remote attackers to intercept messages from the China Mobile hotline, 10086.
Remove malware files dropped/downloaded by ANDROIDOS_BGSERV.A
Trend Micro Mobile Security Solution
Trend Micro Mobile Security Personal Edition protects Android smartphones and tablets from malicious and Trojanized applications. The App Scanner is free and detects malicious and Trojanized apps as they are downloaded, while SmartSurfing blocks malicious websites using your device's Android browser.
Download and install the Trend Micro Mobile Security App via Google Play.
Remove unwanted apps on your Android mobile device
To remove unwanted apps on your mobile device:
Connect with us on
| | | |