1. /
  2. Security Response/
  3. Android.Backscript

Android.Backscript

Risk Level 1: Very Low

Discovered:
September 4, 2012
Updated:
September 7, 2012 5:19:17 AM
Type:
Trojan
Systems Affected:
Android
Android.Backscript is a Trojan horse for Android devices that downloads files onto the compromised device.

Android package file
The Trojan may arrive as a package with one of the following names:

Package name:
  • goldenhammer.bmsnowfullzxl
  • Mag3DLite.SF3DxX
  • com.panda.slay
  • com.aceviral.teamwdfy
  • com.strikermanager.android.strikersossft
  • com.zhuqzu
  • com.AndPhone.game.GoldRacings
  • com.rovio.angrybirdsspace.premiumszs
  • com.creativemobile.DragRacingaxbwx
  • com.iava.kofns9er


Installation
Once installed, the application will display an icon depending on the application that was downloaded.


Antivirus Protection Dates

  • Initial Rapid Release version September 4, 2012 revision 036
  • Latest Rapid Release version February 19, 2013 revision 016
  • Initial Daily Certified version September 5, 2012 revision 002
  • Latest Daily Certified version January 29, 2013 revision 005
  • Initial Weekly Certified release date September 5, 2012
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.

Threat Assessment

Wild

  • Wild Level: Low
  • Number of Infections: 0 - 49
  • Number of Sites: 0 - 2
  • Geographical Distribution: Low
  • Threat Containment: Easy
  • Removal: Easy

Damage

  • Damage Level: Low
  • Payload: Downloads files onto the compromised device.

Distribution

  • Distribution Level: Low
Writeup By: Zhicheng Zeng

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
Internet Security Threat Report
Symantec DeepSight Screensaver