Obad.a – What You Need to Know About the Latest Android Threat

By on Jun 10, 2013

With the convenience of our mobile apps, we increasingly rely on our phones for work and play.  But did you know that those same apps might be leaving you vulnerable to some nasty mobile malware?

Among the worst types of malware (software that damages your computer or mobile device) is the Trojan horse program, or Trojan.  Trojans are the most prominent category of threats this year on the mobile threat landscape.  Backdoor Trojans are a particularly insidious type of Trojan because, much like their namesake, they disguise themselves as useful software and then leave a backdoor open in your system so attackers can get into your data at any time.

There’s a new Backdoor Trojan targeting the Android operating system, which McAfee Mobile Security detects via the cloud as an “Artemis” Trojan and on a device as Android/Obad.A. Other vendors refer to this as Backdoor.AndroidOS.Obad.a. The malware, commonly known as “Obad,” is one of the most dangerous for your phone yet.

Here’s what you need to know:

  • It’s hidden.  Obad runs in the background of your phone, so you may not even know you have it.  It’s so well hidden that, once Device Administrator privileges have been granted, the malware does not appear in the device administrator list, so it is not possible to delete it without root privileges.
  • It executes remote commands.  Devices infected with Obad can be controlled remotely by a Command and Control (C&C) server.  The attacker can send a variety of commands, such as:
    • making your mobile send unauthorized text messages (e.g. to Premium Rate numbers)
    • downloading other malicious apps and installing them on the infected device
    • harvesting sensitive information (e.g. list of installed apps, user’s contact list)
    • acquiring the account balance (via USSD command)
  • It uses an old-fashioned method to spread itself.  Like SymbOS/Cabir, one of the very first pieces of mobile malware, Obad scans for Bluetooth-enabled devices. If it establishes a connection, it will send itself and potentially files downloaded from remote servers.
  • It’s not very widespread. The prevalence of this threat is very low and limited to a certain region. Nevertheless, we are closely monitoring telemetry data for any change in the number of infected devices.

How Can You Protect Yourself From Obad or Other Trojans?

  • Turn off discoverable/visible-to-all mode or protect your Bluetooth with a security mode when out in public
  • Always use secure browsing when using public Wi-Fi
  • Be careful of downloading apps from unverified sources
  • Don’t open an email attachment if you don’t recognize the sender of the email
  • Make sure your security software is always up to date
  • Take advantage of McAfee Mobile Security – comprehensive protection against mobile device loss, viruses and web threats

For future updates, be sure to follow @McAfee and @McAfeeConsumer on Twitter.
