1. /
  2. Security Response/
  3. Android.Faketoken

Android.Faketoken

Risk Level 1: Very Low

Discovered:
March 22, 2012
Updated:
March 22, 2012 2:31:38 PM
Type:
Trojan
Systems Affected:
Android
Android.Faketoken is a Trojan horse that opens a back door on the compromised device.

Android Package File
APK: santander.apk
Version: 1.0
Application Name: TokenGenerator




Permissions
When the Trojan is being installed, it requests permissions:
  • Check the phone's current state.
  • Access information about networks.
  • Send SMS messages.
  • Monitor incoming SMS messages.
  • Open network connections.
  • Write to external storage devices.
  • Install or delete other packages.
  • Read contact data.
  • Start once the device has finished booting.

Antivirus Protection Dates

  • Initial Rapid Release version March 16, 2012 revision 041
  • Latest Rapid Release version February 19, 2013 revision 016
  • Initial Daily Certified version March 17, 2012 revision 009
  • Latest Daily Certified version March 17, 2012 revision 009
  • Initial Weekly Certified release date March 28, 2012
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.

Threat Assessment

Wild

  • Wild Level: Low
  • Number of Infections: 0 - 49
  • Number of Sites: 0 - 2
  • Geographical Distribution: Low
  • Threat Containment: Easy
  • Removal: Easy

Damage

  • Damage Level: Medium
  • Payload: Opens a back door on the compromised device.

Distribution

  • Distribution Level: Low
  • Target of Infection: Android devices.
Writeup By: Branko Spasojevic

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
Internet Security Threat Report, Volume 17
Symantec DeepSight Screensaver