For Consumer

Virus Profile: Android/GinMaster.A

Threat Search
Print
   
Virus Profile information details
Risk Assessment: Home Low | Corporate Low
Date Discovered: 10/29/2012
Date Added: 11/6/2012
Origin: Unknown
Length: N/A
Type: Malware
Subtype: PDA Device
DAT Required: N/A
Removal Instructions
   
 
 
   

Description

Android/GinMaster.A-0 is a malware that sends received SMS messages to a remote server.

Indication of Infection

Root the infected device Sends sensitive information to a remote server Download and install application without user concern

Methods of Infection

This MALWARE requires that the user intentionally install it upon the device. As always, users should never install unknown or un-trusted software. This is especially true for illegal software, such as cracked applications—they are a favorite vector for malware infection.
   

Virus Characteristics

Android/GinMaster.A is distributed in trojanized package application that has a malicious service that could root the device to gain admin privileges, install applications without user concern and post sensitive information.
Once the application is started the following URL is acceded, posting sensitive information (phone number, IMEI, Network type, device information, package application, android version):
http://client.[censored].com/report/first_run.do
Then a service is constantly acceding to this URL to receive commands.
Android/GinMaster.A creates a sqlite database to store the installed packages in the system and upload this information to a remote server.
Some trojanized Android.GinMaster packages includes the Exploit/Voldbrk to root the device and gain root privileges in order to install new packages silently and according to the C&C Server received parameters.

PC Infected? Get Expert Help

McAfee
Virus Removal Service

Connect to one of our Security Experts by phone. Have your PC fixed remotely - while you watch!

$89.95