Jump to content


From China with Love: New Android Backdoor Spreading

  • Please log in to reply
No replies to this topic

#1 TheSentinel


    The man in the dark

  • General Admin
  • 30,402 posts

Posted 26 February 2012 - 08:02 PM

From China with Love: New Android Backdoor Spreading through Hacked Apps
25 February 2012
Trojan.Android.FakeAngry.A/B silently installs applications and reports the phone?s activity
By Bogdan Botezatu

With the Android OS surpassing more than 50% of market share on mobile devices, the number of malicious attacks has increased considerably. Freshly discovered by Bitdefender, the FakeAngry family of Trojans is just one of the e-threats targeting smartphones running Android, and especially users who rely on third-party Chinese Markets to download applications.

The Trojan?s name is given by the fact that these two variants store their settings as ?i22HK?, while the com.i22.* packages are associated with the popular Angry Birds application.

Until now, we have isolated two variants of the FakeAngry family, both present in Java packages mostly targeting Chinese users. In-depth analysis reveals that, once an infected package is run, the Trojanized application deploys a backdoor that connects to a command and control server in China and / or Canada and then waits for instructions from the attacker. Among others, the backdoor is able to silently install another application, set browser bookmarks or even syphon device logs for monitoring purposes.

More information about at: