- March 10, 2014 11:50:02 PM
Android.MobileBackup is a spyware application for Android devices that monitors the affected device.
Android package file
The Trojan may arrive as a package with the following characteristics:
When the Trojan is being installed, it requests permissions to perform the following actions:
- Access location information, such as GPS information.
- Send SMS messages.
- Start once the device has finished booting.
- Check the phone's current state.
- Read user's contacts data.
- Monitor incoming SMS messages.
- Write to external storage devices.
- Monitor, modify, or end outgoing calls.
- Access information about the WiFi state.
- Access location information, such as Cell-ID or WiFi.
- Prevent processor from sleeping or screen from dimming.
- Initiate a phone call without using the Phone UI or requiring confirmation from the user.
- Create new SMS messages.
- Access information about networks.
- Open network connections.
- Use the device's mic to record audio.
- Mount and unmount file systems for removable storage.
- Restart packages.
- Create new contact data.
- Modify the telephony state.
- Read SMS messages on the device.
Once installed, the application will display an icon with a grey phone with a blue screen and a memory card in front of it.
Antivirus Protection Dates
Initial Rapid Release version June 9, 2011
Latest Rapid Release version June 9, 2011
Initial Daily Certified version February 27, 2014 revision 009
Latest Daily Certified version February 27, 2014 revision 009
Initial Weekly Certified release date June 15, 2011
Click for a more detailed description of Rapid Release and Daily Certified virus definitions.
Writeup By: Mario Ballano