1. /
  2. Security Response/
  3. Android.Answerbot


Risk Level 1: Very Low

October 7, 2011
October 7, 2011 11:27:25 AM
Systems Affected:
Android.Answerbot is a Trojan horse that opens a back door on Android devices.

Android Package File
The initial downloaded APK can vary as it will be named according to the legitimate application it is imitating.

The Trojan may also arrive as the following APK file:

Note: The file name changes as the version of the threat is updated, for example:
  • a.apk
  • b.apk
  • etc.

This threat must be manually installed. It is known to be distributed through Chinese third-party Android markets by re-packaging legitimate applications with the Trojan code.

Antivirus Protection Dates

  • Initial Rapid Release version October 7, 2011 revision 006
  • Latest Rapid Release version February 19, 2013 revision 016
  • Initial Daily Certified version October 7, 2011 revision 008
  • Latest Daily Certified version July 12, 2012 revision 016
  • Initial Weekly Certified release date October 12, 2011
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.

Threat Assessment


  • Wild Level: Low
  • Number of Infections: 0 - 49
  • Number of Sites: 0 - 2
  • Geographical Distribution: Low
  • Threat Containment: Easy
  • Removal: Easy


  • Damage Level: Medium
  • Payload: Opens a back door on the device.
    Downloads more malware.
    May send SMS messages to premium numbers.
  • Releases Confidential Info: May steal information from the device.


  • Distribution Level: Low
Writeup By: Poul Jensen

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
Internet Security Threat Report
Symantec DeepSight Screensaver