Home / malware Android.Rusms
First posted on 18 June 2014.
Source: SymantecAliases :
There are no other names known for Android.Rusms.
Explanation :
Android package file
The Trojan may arrive as a package with the following characteristics:
Package name: com.example.google.service
Permissions
When the Trojan is being installed, it requests permissions to perform the following actions: Check the phone's current stateSend SMS messagesRead SMS messages on the deviceMonitor incoming SMS messagesCreate new SMS messagesOpen network connectionsRead user's contacts data
Installation
Once installed, the threat hides its application icon.
Functionality
When the Trojan is executed, it connects to the following remote location:
[http://]101.55.13.43/s[REMOVED]
The Trojan may then perform the following actions: Gather SMS messages received on the compromised deviceGather contacts and phone numbers on the compromised deviceSend SMS messages
The Trojan may also block SMS messages that contain the following words or numbers: 62791232111mopayboku66245bezahlcodeholyo55498554963323546645Last update 18 June 2014
