1. /
  2. Security Response/
  3. Android.Answerbot

Android.Answerbot

Risk Level 1: Very Low

Discovered:
October 7, 2011
Updated:
October 7, 2011 11:27:25 AM
Type:
Trojan
Systems Affected:
Android
Android.Answerbot is a Trojan horse that opens a back door on Android devices.

Android Package File
The initial downloaded APK can vary as it will be named according to the legitimate application it is imitating.

The Trojan may also arrive as the following APK file:
[SINGLE CHARACTER].apk

Note: The file name changes as the version of the threat is updated, for example:
  • a.apk
  • b.apk
  • etc.


Installation
This threat must be manually installed. It is known to be distributed through Chinese third-party Android markets by re-packaging legitimate applications with the Trojan code.


Antivirus Protection Dates

  • Initial Rapid Release version October 7, 2011 revision 006
  • Latest Rapid Release version February 19, 2013 revision 016
  • Initial Daily Certified version October 7, 2011 revision 008
  • Latest Daily Certified version July 12, 2012 revision 016
  • Initial Weekly Certified release date October 12, 2011
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.

Threat Assessment

Wild

  • Wild Level: Low
  • Number of Infections: 0 - 49
  • Number of Sites: 0 - 2
  • Geographical Distribution: Low
  • Threat Containment: Easy
  • Removal: Easy

Damage

  • Damage Level: Medium
  • Payload: Opens a back door on the device.
    Downloads more malware.
    May send SMS messages to premium numbers.
  • Releases Confidential Info: May steal information from the device.

Distribution

  • Distribution Level: Low
Writeup By: Poul Jensen

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
Internet Security Threat Report, Volume 17
Symantec DeepSight Screensaver