1. /
  2. Security Response/
  3. Android.Fakepatch


Risk Level 1: Very Low

June 27, 2012
June 28, 2012 12:01:52 PM
Systems Affected:
Android.Fakepatch is a Trojan horse for Android devices that downloads more files on to the device.

Android package file
The Trojan may arrive as a package with one of the following names:

  • com.rainbows.Diz
  • com.temples.cz
  • com.tencents.qqgame.hallinstaller.hall
  • net.lyzhena.gqyypt
  • ren.zhiwudazhanjiangshilianliankans
Name: bopomofo

Once installed, the application may display the following icons on the device:

Antivirus Protection Dates

  • Initial Rapid Release version June 26, 2012 revision 006
  • Latest Rapid Release version March 25, 2015 revision 036
  • Initial Daily Certified version June 26, 2012 revision 019
  • Latest Daily Certified version March 26, 2015 revision 002
  • Initial Weekly Certified release date June 27, 2012
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.

Threat Assessment


  • Wild Level: Low
  • Number of Infections: 0 - 49
  • Number of Sites: 0 - 2
  • Geographical Distribution: Low
  • Threat Containment: Easy
  • Removal: Easy


  • Damage Level: Medium
  • Payload: Downloads files onto the device.


  • Distribution Level: Low
Note: On May 14, 2015, modifications will be made to the threat write-ups to streamline the content. The Threat Assessment section will no longer be published as this section is no longer relevant to today's threat landscape. The Risk Level will continue to be the main threat risk assessment indicator.
Writeup By: Zhicheng Zeng

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
Internet Security Threat Report