Home / malwarePDF  

Android.Alienspy


First posted on 28 April 2015.
Source: Symantec

Aliases :

There are no other names known for Android.Alienspy.

Explanation :

Android package file
The Trojan may arrive as a package with the following characteristics:

Package name: com.piriform.ccleaner
Version: 1.08.33

Permissions
When the Trojan is being installed, it requests permissions to perform the following actions:
Read and write user's browsing history and bookmarksRead and write user's contacts dataClear the caches of all installed applications on the deviceRead and create new SMS messages on the deviceFind out the space used by any packageRead and write user's call logCheck the phone's current stateRead and write external storageOpen network connectionsAccess information about networksAccess list of current or recently running tasksKill all background processesAccess information about the Wi-Fi stateConnect to paired Bluetooth devices

Functionality
The Trojan may connect to the following remote location:
davewilly1234.no-ip.biz
The Trojan may then perform the following actions on the compromised device:
Access the cameraDownload filesGet operating system name and memory informationGet MAC address informationGet last update timeRead configuration data from "config.xml"Access saved passwords in ChromeRead messagesMake the phone vibrateScan for Wi-Fi networksCollect GPS informationSend local files to remote locationsAccess saved Wi-Fi passwords

Last update 28 April 2015

 

TOP