For Home

Virus Profile: Android/SMSzombieDrp.A

Threat Search
Print
   
Virus Profile information details
Risk Assessment: Home Low | Corporate Low
Date Discovered: 8/20/2012
Date Added: 8/20/2012
Origin: N/A
Length: N/A
Type: Trojan
Subtype: PDA Device
DAT Required: N/A
Removal Instructions
   
 
 
   

Description

Android/SMSzombieDrp.A is a Trojan that poses as a wallpaper application that installs other malware that have inside.

Indication of Infection

- Piggybacks Android/SMSzombie.A
- Persistent notifications to force users to install Android/SMSzombie.A

Methods of Infection

This malware requires that the user intentionally install it upon the device. As always, users should never install applications from unknown or un-trusted android markets.
   

Virus Characteristics

Android/SMSzombieDrp.A comes inside of wallpaper applications oriented to Chinese users and it was found distributed in several APK packages in unofficial applications markets. This malware forces the user to install Android/SMSzombie.A by showing persistent notifications. Before its installation, Android/SMSzombieDrp.A only request permissions to change the wallpaper.

Once Android/SMSzombieDrp.A is executed when the user choose to change the live wallpaper, it shows the following persistent notification that request the installation of a "program" to use the wallpaper without restrictions:
Please install the program and get 100 points in order to access to the game without restrictions

Then Android/SMSzombieDrp.A shows the installation of Android/SMSzombie.A and starts it. (android.phone.com.AndphoneActivity).