Home / malware Android.Gupno
First posted on 23 July 2015.
Source: SymantecAliases :
There are no other names known for Android.Gupno.
Explanation :
Android package file
The Trojan may arrive as a package with the following characteristics:
Package name: nes.fc.snk.nine3.mobo3.McDonaldland
Version: 2.4
Name: McDonaldland
Permissions
When the Trojan is being installed, it requests permissions to perform the following actions:
Access information about the Wi-Fi stateDiscover, pair, and connect to bluetooth devices Open network connectionsMake the phone vibrateWrite to external storage devicesAccess information about networksCheck the phone's current stateAllow access to low-level system logsStart once the device has finished bootingInstall a shortcutAccess location information, such as Cell-ID or Wi-FiAccess location information, such as GPS informationAccess the list of accounts in the Accounts Service Read user's browsing history and bookmarksAccess list of current or recently running tasksDisplay alertsAccess information about and change the Wi-Fi stateMonitor, read, and send SMS messagesChange network connectivity stateRead user's contacts data
Installation
Once installed, the application will display an icon with a large yellow letter M over the text "McDonald's" on a red background.
Functionality
The Trojan poses as legitimate popular applications and attempts to charge users for features that are normally free. It may also display advertisements on the compromised device.Last update 23 July 2015