
Android.Gomal


First posted on 14 October 2014.
Source: Symantec

Aliases:

There are no other names known for Android.Gomal.

Explanation:

Android package file
The Trojan may arrive as a package with the following characteristics:

Package name: com.android.project
Version: 1.0
Name: Tic Tac Toe

Permissions
When the Trojan is being installed, it requests permissions to perform the following actions:
Check the phone's current state
Initiate a phone call without using the Phone UI or requiring confirmation from the user
Access the list of accounts in the Accounts Service
Monitor, modify, or end outgoing calls
Start once the device has finished booting
Monitor, read, create, and send SMS messages on the device
Open network connections
Access location information, such as Cell-ID, Wi-Fi, and GPS information
Read user's contacts data
Create new contact data
Write to external storage devices
Read and write user's calendar data
Use the device's mic to record audio
Prevent processor from sleeping or screen from dimming
Read user's browsing history and bookmarks
Read or write to the system settings
Access information about networks
Change network connectivity state
Modify current configuration
Access information about and change the Wi-Fi state
Read low-level system log files
Make the phone vibrate

Installation
Once installed, the application will display an icon with a gray gear cog in front of a message box.



Functionality
The Trojan claims to be a Tic-tac-toe game.



Once executed, the Trojan attempts to root the compromised device.

If successful, the Trojan may then gather the following information from the compromised device:
Emails
SMS messages
The Trojan then sends the stolen information to a remote location.

Last update 14 October 2014

 
