1. /
  2. Security Response/
  3. Android.MobileBackup

Android.MobileBackup

Updated:
March 10, 2014 11:50:02 PM
Type:
Spyware
Name:
MBackup
Risk Impact:
Low
Systems Affected:
Android

Behavior

Android.MobileBackup is a spyware application for Android devices that monitors the affected device.

Android package file
The Trojan may arrive as a package with the following characteristics:

Package name: com.mobilefonex.mobilebackup
Name: MBackup

Permissions
When the Trojan is being installed, it requests permissions to perform the following actions:
  • Access location information, such as GPS information.
  • Send SMS messages.
  • Start once the device has finished booting.
  • Check the phone's current state.
  • Read user's contacts data.
  • Monitor incoming SMS messages.
  • Write to external storage devices.
  • Monitor, modify, or end outgoing calls.
  • Access information about the WiFi state.
  • Access location information, such as Cell-ID or WiFi.
  • Prevent processor from sleeping or screen from dimming.
  • Initiate a phone call without using the Phone UI or requiring confirmation from the user.
  • Create new SMS messages.
  • Access information about networks.
  • Open network connections.
  • Use the device's mic to record audio.
  • Mount and unmount file systems for removable storage.
  • Restart packages.
  • Create new contact data.
  • Modify the telephony state.
  • Read SMS messages on the device.

Installation
Once installed, the application will display an icon with a grey phone with a blue screen and a memory card in front of it.

Antivirus Protection Dates

  • Initial Rapid Release version October 2, 2014 revision 022
  • Latest Rapid Release version October 2, 2014 revision 022
  • Initial Daily Certified version February 27, 2014 revision 009
  • Latest Daily Certified version February 27, 2014 revision 009
  • Initial Weekly Certified release date June 15, 2011
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.
Writeup By: Mario Ballano

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
Internet Security Threat Report
Symantec DeepSight Screensaver