- forensic blog
- mobile phone forensics and mobile malware
- Current Android Malware
- Here is the full list of Android-Malware-Families with their main capabilities. We will try to keep this table up-to-date. We took one sample of each family for the data within this table.
- Description Capabilities
- AccuTrack
- This application turns an Android smartphone into a GPS tracker.
- Ackposts
- This Trojan steals contact information from the compromised device and uploads it to a remote server.
- Acnetdoor
- This Trojan opens a backdoor on the infected device and sends the IP address to a remote server.
- Adsms
- This is a Trojan which is allowed to send SMS messages. The distribution channel of this malware is an SMS message containing the download link.
- Airpush/StopSMS
- Airpush is a very aggressive Ad-Network.
- AnServer/Answerbot
- Opens a backdoor in Android devices and is able to steal personal information which will be uploaded to a remote server afterwards.
- Antares/Antammi
- This is a Trojan which steals personal information from the infected device.
- Arspam
- This malware represents the first stage of politically-motivated hacking (hacktivism) on mobile platforms.
- AVPass
- This malware family tries to detect and circumvent Android security tools (like AntiVirus apps) installed on the infected device. Afterwards, the app tries to steal sensitive data and receives additional commands via SMS.
- BackFlash/Crosate
- This malicious app installs a fake Flash plugin that registers itself as a device administrator and leaks sensitive information.
- Badaccents
- This malware claims to download a copy of “The Interview” but instead installs a two-stage banking Trojan onto victims’ devices.
- Badnews
- Once activated, BadNews polls its C&C-Server every four hours for new instructions while pushing several pieces of sensitive information including the device’s phone number and IMEI up to the server.
- BankBot
- This malware tries to steal users’ confidential information and money from bank and mobile accounts associated with infected devices.
- Basebridge
- Forwards confidential details (SMS, IMSI, IMEI) to a remote server.
- BeanBot
- This is a Trojan which is allowed to send SMS messages and which is controlled by a C&C-Server.
- Beita
- A simple info stealer.
- Binv
- This malware is a classical Banking-Trojan that is targeting Brazilian users of Android devices.
- BgServ
- Obtains the user’s phone information (IMEI, phone number, etc.). The information is then uploaded to a specific URL.
- Biige
- This spyware records SMS messages, calls, location, etc. and uploads these data to a remote server.
- Booster
- This application steals personal information and uploads these data to a remote server.
- Boxer
- This Trojan sends SMS messages to premium-rate numbers.
- Cajino
- This malware is a classical RAT that tries to exfiltrate sensitive information. What makes this sample special is that it is using Baidu Cloud Push service for communication.
- Carberp
- Tries to steal confidential banking authentication codes (mTAN messages) sent to the infected device.
- Cawitt
- This application steals personal information and uploads these data to a remote server.
- Cellspy
- This application is a smartphone tracker.
- Chulli
- This malware family was used in a targeted attack. The e-mail account of a high-profile Tibetan activist was hacked and used to send targeted attacks to other activists and human rights advocates. After a mobile device gets infected, it connects to a C&C-Server and waits for SMS commands to leak sensitive data to this server.
- Code4hk/xRAT
- This malware has been used within targeted attacks in Asia and tries to exfiltrate the geolocation of the victim as well as voice recordings. The malicious sample is spreading through WhatsApp messages.
- Coogos
- Backdoor Trojan which has the capability to receive a remote connection from a malicious hacker and perform actions against the compromised system.
- CopyCat
- This is an aggressive and malicious ad network. The main goal is to generate revenue.
- Cosha
- This application monitors the infected device and sends perso