Brazen new Android Trojan manages your device for you

This brazen new malware not only steals data from an infected smartphone or tablet—it also takes control of the entire device.

 

Security vendor Bitdefender said the new malware—Trojan.Obad.A—seizes administrator privileges to manage the infected device.

 

"Once launched, the sophisticated Android.Obad.A, lurking inside an innocent-looking application, asks users to give it administrative privileges enabling the Trojan to manage the device from deep within the system," Bitdefender Loredana Botezatu said in a blog post.

The path of an infection
 

Botezatu said Android.Obad.A possesses several malicious functions, including sending SMS to premium-rate numbers, entering commands in the device console remotely, and downloading even more malicious code to install in the compromised handsets. This malicious code can even infect other devices via Bluetooth.

 

Botezatu said the new malware abuses a bug in DEX2JAR, a software used to turn APK files into JAR files.

 

She said the malware likewise exploits a vulnerability in the way Androids read the AndroidManifest.xml.

 

The malware even hides itself to make removal "nearly impossible," she added. "Shortly put, an application can’t be uninstalled until its Device Administrator privileges are revoked, which is impossible for an unlisted application."

Why Android users can breathe easier

 

But Botezatu said most Android users can at least rest assured they have little chance of getting infected, as the malware only seems to be downloaded via third-party Android markets.

 

"Users in some regions are however forced to use unsanctioned Play stores. If this is not the case for you, make sure you keep this option disabled," she said.

 

Botezatu suggested that users of Android devices go to their security settings and make sure the 'Unknown sources' box is unchecked.

 

On the other hand, she said signs of malware on a device include a drastic drop in battery life, unusually costly phone or/and data plan bills, and performance issues where once the device worked just fine. —VC, GMA News