- Type:
- Trojan
- Infection Length:
- 220,015 bytes
Android.Tigerbot is a Trojan horse for Android devices that opens a back door on the compromised device.
Android package file The Trojan may arrive as a package with the following name:
APK: com.google.android.lifestyle
Version: 1.4.1
Name: com.google.android.lifestyle.apk
Icon: The Trojan does not create an application icon. However, it may appear in Manage Applications as an application named System.
Android package file The Trojan may arrive as a package with the following name:
APK: com.google.android.lifestyle
Version: 1.4.1
Name: com.google.android.lifestyle.apk
Icon: The Trojan does not create an application icon. However, it may appear in Manage Applications as an application named System.
Android package file The Trojan may arrive as a package with the following name:
APK: com.google.android.lifestyle
Version: 1.4.1
Name: com.google.android.lifestyle.apk
Icon: The Trojan does not create an application icon. However, it may appear in Manage Applications as an application named System.
Permissions
When the Trojan is being installed, it requests permissions to perform the following actions:
Remote access
The Trojan then opens a back door on the compromised device and listens for specially crafted SMS messages, allowing an attacker to perform the following actions:
APK: com.google.android.lifestyle
Version: 1.4.1
Name: com.google.android.lifestyle.apk
Icon: The Trojan does not create an application icon. However, it may appear in Manage Applications as an application named System.
Permissions
When the Trojan is being installed, it requests permissions to perform the following actions:
- Check the phone's current state.
- Change the phone state, such as powering it on and off.
- Initiate a phone call without using the Phone UI or requiring confirmation from the user.
- Monitor, modify, or end outgoing calls.
- Use the device's mic to record audio.
- Access the camera
- Modify global audio settings.
- Read user's contacts data.
- Create new contact data.
- Start once the device has finished booting.
- Send, monitor, read, and create new SMS messages.
- Open network connections.
- Access location information, such as Cell-ID or WiFi.
- Access location information, such as GPS information.
- Allows an application to update device statistics.
- Prevent processor from sleeping or screen from dimming.
- Allow access to low-level power management.
- Read or write to the system settings.
- Allows applications to disable the keyguard.
- Write to external storage devices.
- Allow access to low-level system logs.
- End background processes.
- Access information about networks.
- Allows applications to write the APN settings.
- Connect to paired Bluetooth devices.
Remote access
The Trojan then opens a back door on the compromised device and listens for specially crafted SMS messages, allowing an attacker to perform the following actions:
- Change network settings
- Stop and start processes and services
- Send the contact list to a remove location
- Reboot the compromised device
- Record incoming and outgoing call numbers
- Deactivate software
- Take screenshots
Žádné komentáře:
Okomentovat