Search Results: android


Android Botnets Email Home

statement, seeing some of the Android malware samples I've analyzed recently, malware authors might... share that sentiment. In 2013, we saw the first Android botnet variant that used email as a means... Recipient Email Id Sender Email Account Status Android/Langya.A!tr.spy Aug, 2013 smtp.163.com No... User account suspended Android/Secretspy.A!tr.spy Sept, 2013 smtp.gmail.com No Account password... changed Android/Bankstel.A!tr.spy July, 2014 smtp.qq.com No Failure to sign in Android/Wroba.I!tr

A Wrap Up of ToorCon 19 at San Diego

, Dig Deep into FlexiSpy for Android at ToorCon 19. FlexiSpy for Android is a spy app with full IM..., Internet, applications, etc. In short, FlexiSpy can take full control of an Android mobile phone or... FlexiSpy Android spy app. I reviewed the leaked data and finished my deep analysis and reverse... spying features. Fourthly, I analyzed two IM spy cases of FlexiSpy for Android. One was for spying... on Skype for Android, and the other was for spying on WeChat for Android. We can see that the IM

Analyzing Android malware using a FortiSandbox

In this blog post we will analyze a couple of Android malware samples in the Android VM of the... the VM To run a given sample in the Android VM, you should log into the FortiSandbox, make sure... an Android VM is available, and then "Scan Input" / Submit a New File. Figure 1... Scan Samples analyzed: Name SHA256 Android/SpyBanker.DZ!tr... 6d4ece4c5712995af7b76a03b535a3eaf10fcdca20f892f8dc9bdaf3fa85d590 Android/Obad.A!tr

Alligator at GreHack

had yet spotted: Adware/Geyser!Android. The number has now increased with the discovery of Riskware.../Zdchical!Android and Riskware/SmsCred!Android. The former leaks the IMEI and IMSI to a remote server... improve our surveillance techniques on Android marketplaces and spot the most suspicious samples in

Tracking Android/Foncy

Denis Maslennikov reported a new SMS trojan, Android/Mania, which emanates from France. This...: the 4 prepaid mobile phone numbers were used by authors of Android/Foncy. **Thus, we detect Mania as... Android/Foncy.C!tr.dial. ** Intentionally or not, the malware trashes all other incoming SMS...-house script. For example, AndroGuard shows that the code of two Android/Mania samples only differ by

Clean for the phone, but not clean in the code

' marketplace for Android : Android/Odpa.A!tr.spy This sample consists of a smartphone cleaner, giving...: Android/Mseg.B Android/GoldenTouch.A Android/Apperhand.AA Android/Mseg.L Adware/Umeng.W Although... IMEI Run shell commands (Runtime.exec) Send HTTP POST requests Use Umeng Android/Mseg.B Yes Yes... Yes Yes Yes Yes Android/GoldenTouch.A Yes Yes Yes Yes Yes Yes Yes Android/Apperhand.AA Yes Yes

Locker: an Android ransomware full of surprises

There are already a couple of Android ransomware, but Android/Locker.CB!tr certainly is an.... Legend. Scare page of Android/Locker How did it get the picture of me? Quite simply by using... User-Agent: Dalvik/1.6.0 (Linux; U; Android 4.4.4; sdk Build/KK) Host: 148.251.154.104:12449...: Dalvik/1.6.0 (Linux; U; Android 4.4.4; sdk Build/KK) Host: 148.251.154.104:12449 Connection: Keep... receive an "ACTION_CRYPT_DATA" from the C&C, your SD Card's Android directory is

Top 10 Posts of 2011 from Fortinet's FortiGuard Blog

FortiGuard blog posts throughout 2011. Carrier IQ on Android - FAQ Android Malware Surges in 2011

1,000 malicious Android samples per day

. Evolution of malicious Android samples. Light blue curve is the number of known Android samples in our... databases. Dark blue line is the average number of new Android samples we received per day. Yes, we... currently have over 150,000 Android samples, and they currently come in at a rate of 1,000 malware.... For example, recently, we detected Android/Smsilence.A!tr.spy, which was targetting Japanese and...: Android/BadNews was downloaded - and probably installed - millions of times. On the contrary, we

Android malware distributed by malicious SMS in France

Another Android malware is currently in the wild in France, as we have recently discovered. This... a remote server. We have named it Android/Fakelash.A!tr.spy. Contrary to many Android malware... from 10052 saying "For proper function of your device, please download the new ANDROID Flash update... at this link: http://tinyurl.com/xxxxx". Victim complaining of infection by Android/Fakelash.A... Flash Player update or sending spam to get promote the malware is relatively common. On Android, it is