http://www.securelist.com/en/ 20 Jun 2013 13:14:48 +0400 http://www.securelist.com/en/rss/klogo.gif http://www.securelist.com/en/ webmaster@securelist.com (OreoX) This is amazing,I have several questions sounds stupid.Why the writers tried to encrypt the string? When we run this app, does it decrypt itself first? http://www.securelist.com/en/blog/8106/The_most_sophisticated_Android_Trojan?replyto=86099#comments http://www.securelist.com/en/blog/8106/The_most_sophisticated_Android_Trojan?replyto=86099#comments 15 Jun 2013 22:18:01 +0400 webmaster@securelist.com (1Mirek) and btw it is 'Android Surveillance Application' not trojan or virus I know it sounds cool to you cuz you can then sell more of your "anti" virus, it is more like anti-memory than anti-virus definitely http://www.securelist.com/en/blog/8106/The_most_sophisticated_Android_Trojan?replyto=86098#comments http://www.securelist.com/en/blog/8106/The_most_sophisticated_Android_Trojan?replyto=86098#comments 15 Jun 2013 10:44:33 +0400 webmaster@securelist.com (1Mirek) lol most sophisticated trojan, what you found is this https://www.youtube.com/watch?v=C-p0gg7z3b8 from my friend he made it so we can have some fun and you kaspersky noobs go berserk mode immediately telling to the world how smart you are, rather fix your so called "anti-virus" program cuz you are ripping people off, and that what you sellin sure ain't anti-virus software more like a huge memory consumer...glupi rusi http://www.securelist.com/en/blog/8106/The_most_sophisticated_Android_Trojan?replyto=86097#comments http://www.securelist.com/en/blog/8106/The_most_sophisticated_Android_Trojan?replyto=86097#comments 15 Jun 2013 10:27:26 +0400 webmaster@securelist.com (Jessie) Roman, great analysis! Could you tell if there was a unique method of bluetooth propagation? Or does it spread by just having admin privileges to the bluetooth and bluetooth_admin APIs, which would make a potential victim in proximity still have to accept a connection in order to infect their phone as well. Thank you. http://www.securelist.com/en/blog/8106/The_most_sophisticated_Android_Trojan?replyto=86096#comments http://www.securelist.com/en/blog/8106/The_most_sophisticated_Android_Trojan?replyto=86096#comments 14 Jun 2013 20:15:03 +0400 webmaster@securelist.com (Samreen M) The title is so telling that it did not let me move on. The statistics show the deplorable condition prevailing now. There must be a check and balance. Parental Control is beneficial for software in this way to make parents aware what their children are doing online as it’s important for them to know in which activities their children are engaged and limit their access to the internet content. Samreen M Bolee.com. http://www.securelist.com/en/blog/8103/What_are_children_doing_online?replyto=86095#comments http://www.securelist.com/en/blog/8103/What_are_children_doing_online?replyto=86095#comments 14 Jun 2013 11:11:14 +0400 webmaster@securelist.com (Chris Smith) Could you say what was the content of the text message (and link) that was sent out? http://www.securelist.com/en/blog/8106/The_most_sophisticated_Android_Trojan?replyto=86094#comments http://www.securelist.com/en/blog/8106/The_most_sophisticated_Android_Trojan?replyto=86094#comments 13 Jun 2013 13:21:41 +0400 webmaster@securelist.com (patricia schneider) Ouch I would say this over and over again I agree with navyjax2 why because I have 3 droid phones,2droid pads 1 laptop and I really am not a hotshot over the top geek person however I am so careful with what I do on line I don't give out any information to no one and change passwords every week. I read so much it gets so confusing for those like the non geek person sometimes it's nice to see pages of blogging so full of messages about a virus because I can catch up on how to be safe with my toys. thanks for the truth and nothing but the truth even if hackers or smackers do what they do there are still those like me with help. http://www.securelist.com/en/blog/8106/The_most_sophisticated_Android_Trojan?replyto=86093#comments http://www.securelist.com/en/blog/8106/The_most_sophisticated_Android_Trojan?replyto=86093#comments 12 Jun 2013 08:52:18 +0400 webmaster@securelist.com (an12349) could it log your gmail password? I'm afraid that I may have received a phone with this preinstalled on it unbeknownst to me. Would a factory reset // full wipe be able to get rid of this thing? http://www.securelist.com/en/blog/8106/The_most_sophisticated_Android_Trojan?replyto=86092#comments http://www.securelist.com/en/blog/8106/The_most_sophisticated_Android_Trojan?replyto=86092#comments 10 Jun 2013 23:10:29 +0400 webmaster@securelist.com (Bildos) How to protect??? http://www.securelist.com/en/blog/8106/The_most_sophisticated_Android_Trojan?replyto=86091#comments http://www.securelist.com/en/blog/8106/The_most_sophisticated_Android_Trojan?replyto=86091#comments 10 Jun 2013 15:07:06 +0400 webmaster@securelist.com (AntivirusK) Run free antivirus from http://www.ultymatum.uv.ro http://www.securelist.com/en/blog/208194206/An_avalanche_in_Skype?replyto=86090#comments http://www.securelist.com/en/blog/208194206/An_avalanche_in_Skype?replyto=86090#comments 10 Jun 2013 12:50:07 +0400 webmaster@securelist.com (cstreater) Thanks, Roman. So, the victim receives an unsuspecting malicious SMS link, and when the user clicks it, the malware has no infected the device. Is that correct? It sounds like apps acquired through Google Play, and other legitimate markets are not affected. http://www.securelist.com/en/blog/8106/The_most_sophisticated_Android_Trojan?replyto=86089#comments http://www.securelist.com/en/blog/8106/The_most_sophisticated_Android_Trojan?replyto=86089#comments 10 Jun 2013 11:26:02 +0400 webmaster@securelist.com (burnotice) Mac’s is possessive..(Mac's tax-dodge) Macs is plural- 1 or more MACS http://www.securelist.com/en/blog/208193616/New_MacOS_X_backdoor_variant_used_in_APT_attacks?replyto=86088#comments http://www.securelist.com/en/blog/208193616/New_MacOS_X_backdoor_variant_used_in_APT_attacks?replyto=86088#comments 09 Jun 2013 20:04:49 +0400 webmaster@securelist.com (VinceXie) The malware used a lot of encryption. How could you decrypt all the string? Hope u can reply me, thanks a lot. http://www.securelist.com/en/blog/8106/The_most_sophisticated_Android_Trojan?replyto=86087#comments http://www.securelist.com/en/blog/8106/The_most_sophisticated_Android_Trojan?replyto=86087#comments 09 Jun 2013 13:17:16 +0400 webmaster@securelist.com (Ipad3User) Has appeared on my Ipad 3 twice in the past two days: " Android Security Scan " http://user-rewards.com-user.mobi Security Warning! Your phone has (7) serious errors! Press OK below to start the repair process... OK " I have not pressed OK, however, I cannot cancel with X or Escape or use the Back Arrow to release the screen. I must reboot to clear the above banner announcement once it has appeared in Safari. I am noting the use of dashes instead of slashes in the IP address. Searched on Google and Kaspersky but no luck yet. Help? http://www.securelist.com/en/blog/8106/The_most_sophisticated_Android_Trojan?replyto=86086#comments http://www.securelist.com/en/blog/8106/The_most_sophisticated_Android_Trojan?replyto=86086#comments 08 Jun 2013 19:35:17 +0400 webmaster@securelist.com (Roman Unuchek) Thank you! http://www.securelist.com/en/blog/8106/The_most_sophisticated_Android_Trojan?replyto=86085#comments http://www.securelist.com/en/blog/8106/The_most_sophisticated_Android_Trojan?replyto=86085#comments 08 Jun 2013 19:13:48 +0400 webmaster@securelist.com (Roman Unuchek) This app will have DeviceAdmin rights, but it won't be listed in Device Admin list in settings. It means, that it cannot be deleted without root. http://www.securelist.com/en/blog/8106/The_most_sophisticated_Android_Trojan?replyto=86084#comments http://www.securelist.com/en/blog/8106/The_most_sophisticated_Android_Trojan?replyto=86084#comments 08 Jun 2013 19:13:19 +0400 webmaster@securelist.com (Roman Unuchek) it was sms spam http://www.securelist.com/en/blog/8106/The_most_sophisticated_Android_Trojan?replyto=86083#comments http://www.securelist.com/en/blog/8106/The_most_sophisticated_Android_Trojan?replyto=86083#comments 08 Jun 2013 12:44:37 +0400 webmaster@securelist.com (Roman Unuchek) This app will not be listed in Device Administrator list. So if user will not have SU, he won't be able to delete this app http://www.securelist.com/en/blog/8106/The_most_sophisticated_Android_Trojan?replyto=86082#comments http://www.securelist.com/en/blog/8106/The_most_sophisticated_Android_Trojan?replyto=86082#comments 08 Jun 2013 12:44:14 +0400 webmaster@securelist.com (Roman Unuchek) This Trojan were using vulnerability in Android. It was not listed in Device Administrator list. http://www.securelist.com/en/blog/8106/The_most_sophisticated_Android_Trojan?replyto=86081#comments http://www.securelist.com/en/blog/8106/The_most_sophisticated_Android_Trojan?replyto=86081#comments 08 Jun 2013 12:40:56 +0400 webmaster@securelist.com (Roman Unuchek) How - mostly by SMS spam When - May 2013 Where - mostly in Russia, but it was in other countries too http://www.securelist.com/en/blog/8106/The_most_sophisticated_Android_Trojan?replyto=86080#comments http://www.securelist.com/en/blog/8106/The_most_sophisticated_Android_Trojan?replyto=86080#comments 08 Jun 2013 12:38:18 +0400