Home / malware Android.Selfmite
First posted on 02 July 2014.
Source: SymantecAliases :
There are no other names known for Android.Selfmite.
Explanation :
Android package file
The Trojan may arrive as a package with the following characteristics:
Package name: com.kentapps.theselftimer
Permissions
When the Trojan is being installed, it requests permissions to perform the following actions: Access information about networksAccess information about the WiFi stateOpen network connectionsWrite to external storage devicesRead user's contacts dataInitiate a phone call without using the Phone UI or requiring confirmation from the userCheck the phone's current stateSend SMS messages
Installation
Once installed, the worm will display an icon of a cartoon character with a yellow hat in front of a green background. It will also display the text "The self-timer" underneath the icon.
Functionality
When the worm is executed, it sends the following SMS message to contacts on the compromised device in order to propagate itself:
Dear [CONTACT NAME], Look The Self-time, [http://]goo.gl/f62[REMOVED]
The worm then displays the following website on the compromised device's default Web browser:
[http://]173.244.174.238/messa[REMOVED]Last update 02 July 2014
