1. Symantec/
  2. Security Response/
  3. Android.Droidsheep


March 1, 2015 11:04:46 AM
Risk Impact:
Systems Affected:


Android.Droidsheep is a hacktool for Android devices that hijacks social networking accounts on compromised devices.

Android package file
The Trojan may arrive as a package with the following characteristics:

Package name: com.evozi.droidsniff
Name: DroidSniff

When the Trojan is being installed, it requests permissions to perform the following actions:
  • Prevent processor from sleeping or screen from dimming
  • Allow an application to modify the Gmail app
  • Access information about the WiFi state
  • Open network connections

Once installed, the application will display an icon with part of the Android logo at the top and two bones at the bottom, all in gray.

Antivirus Protection Dates

  • Initial Rapid Release version March 1, 2013 revision 002
  • Latest Rapid Release version February 1, 2015 revision 020
  • Initial Daily Certified version March 1, 2013 revision 005
  • Latest Daily Certified version March 1, 2013 revision 005
  • Initial Weekly Certified release date March 6, 2013
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.
Writeup By: Mario Ballano

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
2016 Internet Security Threat Report, Volume 21
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube