Android Package File
APK: santander.apk
Version: 1.0
Application Name: TokenGenerator
Permissions
When the Trojan is being installed, it requests permissions to:
- Check the phone's current state.
- Access information about networks.
- Send SMS messages.
- Monitor incoming SMS messages.
- Open network connections.
- Write to external storage devices.
- Install or delete other packages.
- Read contact data.
- Start once the device has finished booting.
Functionality
The threat poses as an online banking token generator. When a user enters a key for an online banking transaction, the Trojan will return a randomly generated, fake token number.
It then opens a back door on the compromised device, allowing an attacker to perform the following actions:
- Execute arbitrary commands
- Filter SMS messages based on a predefined string and then send them to the C&C server (e.g. SMS messages from an online bank that contain authorization tokens)
- Delete arbitrary SMS messages
- Add a new C&C server
- Send contact lists to the C&C server
- Download and install arbitrary packages
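A triage check for the permission profile listed above, as an added example that is not part of the original write-up: it scores a decoded (text) AndroidManifest.xml against the reported permission set and names the capability combinations that line up with the back door actions. The mapping from the write-up's descriptions to Android permission constants, the threshold, the combination names and both sample manifests are assumptions constructed for illustration.

```python
import xml.etree.ElementTree as ET

NAME = "{http://schemas.android.com/apk/res/android}name"
P = "android.permission."

# Assumed mapping of the write-up's permission descriptions to Android constants.
REPORTED_NAMES = ("READ_PHONE_STATE", "ACCESS_NETWORK_STATE", "SEND_SMS",
                  "RECEIVE_SMS", "INTERNET", "WRITE_EXTERNAL_STORAGE",
                  "INSTALL_PACKAGES", "DELETE_PACKAGES", "READ_CONTACTS",
                  "RECEIVE_BOOT_COMPLETED")
REPORTED = {P + n for n in REPORTED_NAMES}

# Permission combinations that would enable the back door actions described.
# The labels are hypothetical names chosen for this example.
COMBOS = {
    "sms-interception": {P + "RECEIVE_SMS", P + "INTERNET"},
    "contact-exfiltration": {P + "READ_CONTACTS", P + "INTERNET"},
    "package-install": {P + "INSTALL_PACKAGES", P + "INTERNET"},
    "boot-persistence": {P + "RECEIVE_BOOT_COMPLETED"},
}

def requested_permissions(manifest_xml):
    """Return the permissions declared in a decoded AndroidManifest.xml."""
    root = ET.fromstring(manifest_xml)
    return {e.get(NAME) for e in root.iter("uses-permission") if e.get(NAME)}

def triage(manifest_xml, threshold=0.8):
    """Score overlap with the reported set and list the matched combinations."""
    perms = requested_permissions(manifest_xml)
    overlap = len(perms & REPORTED) / len(REPORTED)
    combos = sorted(name for name, need in COMBOS.items() if need <= perms)
    # Flag only when the profile is close to the reported one AND can intercept SMS.
    return {"overlap": round(overlap, 2), "combos": combos,
            "flag": overlap >= threshold and "sms-interception" in combos}

def make_manifest(names):
    """Build a constructed sample manifest (not extracted from any real APK)."""
    uses = "".join(f'<uses-permission android:name="{P}{n}"/>' for n in names)
    return ('<manifest xmlns:android="http://schemas.android.com/apk/res/android" '
            f'package="com.example.sample">{uses}</manifest>')

SUSPECT = make_manifest(REPORTED_NAMES)  # constructed: full reported profile
BENIGN = make_manifest(["INTERNET", "ACCESS_NETWORK_STATE", "RECEIVE_BOOT_COMPLETED"])

if __name__ == "__main__":
    for label, manifest in (("suspect", SUSPECT), ("benign", BENIGN)):
        print(label, triage(manifest))
```

The manifest inside an APK is stored as binary XML, so it has to be decoded to text before this check can read it.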