eScan reveals Trojan behaviour and defence

Cyber attacks 2

Mobile operating system is at high risk of the Trojan infection, a report from eScan revealed.

“Windows Operating system has been the popular victim of Trojan Horses until now,” the anti-virus and content security provider said.

“Since the penetration of Smart Phones in the market, the users’ hands never been idle reasons of these smart phones are at high risk of the Trojan programmers to infect the Mobile operating system,” the report added.

Trojan behaviour

Once a user has installed one of the malicious apps, eScan says, the Trojan collects nearly 30 different types of information about the user’s device and transmits them to a remote server operated by the attacker.

These information includes: OS version, SDK system version, device model, screen resolution, CPU type, IMEI identifier, ISO country code, Android build version, cell phone number, SIM serial number, user’s location, network subtype, availability of root access, the current version number of the Trojan, generated unique user ID for phone, network connection type, mobile network operator, e-mail address connected to a Google user account, Google Cloud Messaging identifier (GCM id), whether an infected application has administrator privileges, name of an infected application and presence of a Google Play application on the device.

An Android Trojan which displays unwanted ads and installs nuisance software on mobile devices has been discovered in all Smart phones.

The Trojan module is able to remotely update the operating system, collect information, display notifications (including advertising ones), and make mobile payments.

eScan points out the incidents how a Trojan enters a smart phone. For example, when you are going to browse online or watch a video on the Internet, you may be tricked into installing an app first which gives you a prompt message that you are missing a plug-in, then it will suggest you to download software called Video Player or Adobe Flash Player update.

Once you do that and open the downloaded software, it turns out to be Android Trojan and your phone screen gets locked up right away. On the other hand, the virus can be disguised as an mp4 file or other APK files which are often bundled with spam e-mails without any notice.

According to the eScan research, more than 15,000 spam e-mails containing malicious files has hit the inboxes of Android users in the last few days.

It strongly recommends that users should be more cautious and take necessary measures to avoid such infection on the device.

In some cases, the virus only attacks web browsers instead of taking over the whole phone screen. Android Trojan hijacks Internet and doesn’t allow users to go online anymore. It also requests users to pay to full access to the phone.

How to remove Trojan

In order to remove this Trojan, the report suggests a factory reset, though it is advised to take the phone to an expert, as different Smart Phones have different methods of initiating a Factory reset or Safe Mode.

Safety tips

Always install apps from Google play and official sites.

Turn off Bluetooth if not in use.

Install reliable mobile security software that automatically scans apps before they run for the first time.

Take regular backups of your important data on your phone on cloud or external storage devices.

Before connecting your mobile devices to any computer, ensure that the latter is secure with multi-layered antivirus software.

Avoid clicking links in unknown and unsolicited e-mails and SMSs.

Have your mobile apps updated to their latest version. And ensure that your mobile OS is updated too.

Related News

Latest News

Latest News