Given how much furor is given to iOS when the smallest of security risk comes about check out this lovely bit of Android malware in the form of Backdoor .AndroidOS .Obad.a or “Obad” Once installed it can’t be removed.
In a post to Kaspersky Lab’s Securelist blog, security expert Roman Unuchek describes the malicious program, dubbed Backdoor.AndroidOS.Obad.a or “Obad” for short, as being closer to Windows malware than to your typical mobile Trojan, owing to its complexity and sophistication.
Some choice quotes from the post that should make for worrying reader for anyone on the android system obtaining less than legit apps.
..one feature of this Trojan is that the malicious application cannot be deleted once it has gained administrator privileges: by exploiting a previously unknown Android vulnerability, the malicious application enjoys extended privileges, but is not listed as an application with Device Administrator privileges.
After the first launch, the malicious application collects the following information and sends it to the C&C server at androfox.com:
MAC address of the Bluetooth device
Name of operator
Telephone number
IMEI
Phone user’s account balance
Whether or not Device Administrator privileges have been obtained
Local time
Finally, Backdoor.AndroidOS.Obad.a does not have an interface and works in background mode.
Leave a Reply