Analysis of the Android Trojan
The APK clearly states that the application is requesting permissions to send SMS:
Permissions Requested: android.permission.SEND_SMS
This is a good reminder that you should be mindful of the list of permissions when you are installing an application. In this case, if you are installing a movie player, it should not need to send SMS messages. A few thing are clear from this analysis
- It seems to be an amateur work created for the only purpose of getting traffic on a premium number.
- Unless you are on a Russian network, it is unlikely that your provider will let you send an SMS to this number.
- The app is not capable of spreading itself from phone to phone, it can only be installed by the user.
Again, not a whole lot to it. Since these are Russian SMS short codes, any non-Russian phones probably won’t be able to SMS that premium shortcode and therefore won’t incur the toll charges. It’s important to note that the application has no viral spreading capabilities nor command and control functionality. It simply relies on users being tricked into downloading, installing, and running the fake movie player application.
To conclude, nothing to be scared of. It is certain that as Android become more popular it will be the target for more dangerous applications, but if you take basic precautions like making sure to get your application from reliable sources and reading the list of permissions during the installation process, you, and your phone, will be safe.
You might also like
Sometimes it’s nice to be off the grid for awhile. What if you need to look something up, but don’t want it to be recorded everywhere? Now there is an
Available immediately, the $699 glasses project a virtual 80″ display that lets you play Angry Birds!
To T-Mobile and Samsung that is. Before I launch into my textual rant that has loving become known as “Ray-ging” (thanks to @technogasms), I need to put a disclaimer that