As Android is growing, malware targeting this mobile OS is also becoming more sophisticated. Now, security researchers has discovered the most sophisticated Android Trojan ever seen. Researcher says it a “multi-functional Trojan” that is capable of performing many tasks in your Android device.
This trojan is called “Backdoor.AndroidOS.Obad.a” that can send SMS to premium rate numbers, download malware programs, install infected apps in device, spread these malware over Bluetooth and remotely perform commands in console. Developer of the app infected with this malware has encrypted the code to bypass the security check. Malware write tried to make the code as complicated as possible.
“One feature of this Trojan is that the malicious application cannot be deleted once it has gained administrator privileges: by exploiting a previously unknown Android vulnerability, the malicious application enjoys extended privileges, but is not listed as an application with Device Administrator privileges,” said Kaspersky Lab Expert Roman Unuchek.
Malware writer has exploited multiple errors of Android operating system to make this trojan more sophisticated. These errors are related to AndroidManifest.xml and one previously unknown Android OS error.
” The malware modifies AndroidManifest.xml in such a way that it does not comply with Google standards, but is still correctly processed on a smartphone thanks to the exploitation of the identified vulnerability. All of this made it extremely difficult to run dynamic analysis on this Trojan,” researcher notes.
By exploiting the previously unknown error, this app can take the administrator privilege without appearing in the app list. After this, it is impossible to delete this app from the smartphone.
Backdoor.AndroidOS.Obad.a does not have an interface and works in background mode.
The only good news about this trojan is that is it now widely spread yet. Only 0.15% devices may be infected.