Počet zobrazení stránky

pondělí 19. března 2012

Android.Pdaspy


Type:
Spyware
Name:
Phone monitoring PRO+, GPS Spy Phone Tracking PRO+
Version:
3.1, 7.1
Publisher:
Sherlock Mobile App
Risk Impact:
High

Behavior

Android.Pdaspy is a spyware application for Android devices that periodically gathers information from the device and uploads it to a predetermined location. 

Android package file
The application arrives as one of the following application packages:

Free version:
APK: com.androidapp.pdaspy.apk 
Version: 3.1 
Publisher: Sherlock Mobile App 
Marketplace name: Phone monitoring PRO+ 

Paid version:
APK: com.androidapp.conflite.apk 
Version: 7.1
Publisher: Sherlock Mobile App 
Marketplace name: GPS Spy Phone Tracking PRO+ 


InstallationThe application must be manually installed.

Once installed, the application will display an icon depicting a cog wheel with the name "Conf Lite".



An attacker must have access to the device to log into the application and configure it. After this, the application will no longer appear in the standard Applications menu. However, it will still appear in the Settings > Applications > Manage Applications menu.

Android package file
The application arrives as one of the following application packages:

Free version:
APK: com.androidapp.pdaspy.apk 
Version: 3.1 
Publisher: Sherlock Mobile App 
Marketplace name: Phone monitoring PRO+ 

Paid version:
APK: com.androidapp.conflite.apk 
Version: 7.1
Publisher: Sherlock Mobile App 
Marketplace name: GPS Spy Phone Tracking PRO+ 


InstallationThe application must be manually installed.

Once installed, the application will display an icon depicting a cog wheel with the name "Conf Lite".



An attacker must have access to the device to log into the application and configure it. After this, the application will no longer appear in the standard Applications menu. However, it will still appear in the Settings > Applications > Manage Applications menu.


Permissions
When the application is being installed, it requests permissions to perform the following actions:

  • Open network connections.
  • Check the phone's current state.
  • Read contact data.
  • Read SMS messages on the device.
  • Access location information, such as GPS, Cell-ID or WiFi.
  • Start once the device has finished booting.
  • Prevent processor from sleeping or screen from dimming.


System monitoring
The application will then periodically upload the following information to a predetermined website:
  • Call history
  • Text messages
  • GPS coordinates

An attacker can later log into the website and access the gathered information.
Vystavil v
Štítky:

Žádné komentáře:

Okomentovat

Přihlásit se k odběru: Komentáře k příspěvku (Atom)