Dr.WEB, Russian developer of information security software, has warned users about a new Trojan for Android that can intercept inbound short messages and forward them to criminals. Android.Pincer.2.origin poses a serious threat because stolen messages can contain sensitive information such as mTAN codes which are used to confirm online banking transactions.
The Trojan, discovered by Doctor Web’s analysts several days ago, is a second representative of theAndroid.Pincer malware family. Like its predecessor, this malicious program is spread as a security certificate that supposedly must be installed onto an Android device. If a careless user does install the program and attempts to launch it, Android.Pincer.2.origin will display a fake notification about the certificate’s successful installation and will not perform any noticeable activities for a while.
To be loaded at startup, the Trojan will make sure that its process -CheckCommandServices – will be run as a background service.
If at some point Android.Pincer.2.origin is launched successfully at startup, it will connect to a remote server and send it information about the mobile device, including:
•Handset model
•Device’s serial number
•IMEI
•Carrier
•Cell phone number
•Default system language
•Operating system
•Availability of the root account
Related
Tags: About Doctor Web, About Dr.WEB, Additional tweaks have been introduced to avoid errors when adding or removing product components or uninstalling the product, antivirus softwares dr web free download, certification and state secret protection of FSB Russia for development and/or publishing of tools for protection of classified information, Currently Doctor Web, devices business for Airtel, Doctor Web, doctor web antivirus, Doctor Web dealers in delhi, Doctor Web dealers in india, Doctor Web dealers in jaipur, Doctor Web dealers in Kolkata, Doctor Web dealers in lucknow, Doctor Web dealers in Madhya Pradesh, Doctor Web dealers Mumbai, Doctor Web dealers rajasthan, Doctor Web dealers surat, Doctor Web dealers uttarpradesh, Doctor Web distribution, Doctor Web distributor in india, Doctor Web file must be downloaded, Doctor Web fixes a SpIDer Guard problem, doctor web free download, Doctor Web Google Play, Doctor Web has updated, Doctor Web information security software, Doctor Web is 1.2.1 india, Doctor Web malware downloaded, Doctor Web product, Doctor Web Russian developer of information security software, Doctor Web Samsung devices, Doctor Web site, Doctor Web updated its Dr.Web 7.0 for Android Light, Doctor Web via a browser, Doctor Web wasn't being detected, Doctor Web will be updated automatically, doktor web download, dr web android license key, dr web android pro license key free, dr web antivirus, dr web antivirus 2011, dr web antivirus 2011 free download, dr web antivirus keygen, dr web antivirus licence key, dr web antivirus license key free, dr web antivirus pro apk, dr web cureit antivirus free download, dr web cureit download, dr web cureit free download full version, dr web product key, dr. web antivirus key for android, dr.cureit free download, Dr.WEB, Dr.Web -1.0.3, Dr.Web 32- and 64-bit versions of Linux, Dr.Web 7.0 for Android Light, Dr.Web 8.0 products' Components for Windows Updated, Dr.Web Administrator emergency aid kit, Dr.Web Android 4.2 support, Dr.Web Android.Pincer malware family, Dr.Web Android.Pincer.2.origin will display a fake notification, Dr.Web announced eighth version of remote scanning and curing utility Dr.Web CureNet, Dr.Web Anti-theft Module recognition of multiple, Dr.Web anti-virus for Android., Dr.Web Anti-virus Light on the application list, Dr.Web Anti-virus scans, dr.web antivirus 6.01.7 apk, dr.web antivirus apk, dr.web antivirus apk download, dr.web antivirus download, dr.web antivirus for nokia, dr.web antivirus free download, dr.web antivirus free download 2010, dr.web antivirus free download for windows 7, dr.web antivirus full apk, dr.web antivirus key, dr.web antivirus key for mobile, dr.web antivirus light, dr.web antivirus serial number, Dr.Web Attacks Linux Servers, Dr.Web Availability of the root account, Dr.Web begin intercepting communications from a specified number, Dr.Web Beta Testers, Dr.Web Business, Dr.Web Buy from partners, Dr.Web Carrier, Dr.Web Cell phone number, Dr.Web code, Dr.Web Company history, Dr.Web Company profile, Dr.Web compromised Linux web servers, Dr.Web Contact us, Dr.Web CureIt, dr.web cureit antivirus, Dr.Web CureNet, Dr.Web CureNet 8.0, Dr.Web CureNet 8.0 download, Dr.Web CureNet 8.0 serial number, Dr.Web CureNet 8.0 support Windows 8 and Windows Server 2012, Dr.Web CureNet 8.0demo license, Dr.Web CureNet! 8.0 released, Dr.Web CureNet! from http://www.drweb-curenet.com/ or download.drweb.com/curenet, Dr.Web customers, Dr.Web Default system language, Dr.WEB device's IMEI, Dr.Web Device's serial number, Dr.Web distributions, Dr.Web DNS names, Dr.Web exploits critical vulnerabilities, Dr.Web FAQs, Dr.Web for Android 8.0: Faster, Dr.Web for Android Light, Dr.Web for Android on Challenge Tablet in Japan, Dr.Web Forums, Dr.Web Free services, Dr.Web Free trial, Dr.Web Friendlier and More Reliable, Dr.Web FSB documents of compliance, Dr.Web FSTEC documents of compliance, Dr.Web Gallery, Dr.Web Handset model, Dr.WEB has Studied Dangerous Trojan Substituting Web Pages, Dr.Web has warned users about a new Trojan for Android, Dr.WEB have been discovered on Google Play, Dr.Web Headquarters, Dr.Web Home, Dr.Web IMEI, Dr.Web india, Dr.Web india delaer, Dr.Web india distributor, Dr.Web information security software, Dr.Web installation, Dr.Web installed on attacked servers, Dr.Web introduces a new rootkit-detection subsystem, Dr.Web Investigates, Dr.WEB is warning users, Dr.Web Join now, dr.web license key, Dr.Web Licenses & Certificates, Dr.Web Licenses and certificates Dr.Web Privacy policy Contacts, Dr.Web LinkChecker for Google Chrome, Dr.Web LinkChecker for IE, Dr.Web LinkChecker for Mozilla Firefox / Thunderbird, Dr.Web LinkChecker for Opera, Dr.Web LinkChecker for Safari, Dr.Web Linux.Sshdkit, Dr.Web Live CD, Dr.Web LiveUSB, Dr.Web login and password, Dr.Web malware, Dr.Web messages containing the text string 'pong' are sent, Dr.Web multi-thread scanning, Dr.Web multi-thread scanning that divides tasks between the CPU cores, Dr.Web new version boasts much faster, Dr.Web new version has been released, Dr.Web non-trivial routine, Dr.Web of information security software, Dr.Web on multi-core smart phones, Dr.Web on the latest Android smart phones, Dr.Web Operating system, Dr.Web own investigation, Dr.Web Partner offers, Dr.Web Partner portal, Dr.Web ping - send an SMS containing the text 'pong to a previously specified number, Dr.Web Press center, Dr.Web process sshd, Dr.Web Profit with us, Dr.Web Regional offices Press center, Dr.Web Registered trademarks, Dr.Web Registration, Dr.Web released the eighth version of Dr.Web for Android, Dr.Web remote server via UDP, Dr.Web Renew license, Dr.Web Renewal, Dr.Web Russian develop, Dr.Web Russian developer, Dr.WEB Russian developer of information security software, Dr.Web send a short message using the specified parameters, Dr.Web send_sms [phone number and text], dr.web serial number, Dr.Web server's IP is hardcoded into the malware, Dr.Web Service subscription, Dr.Web set_sms_number-change the number, Dr.Web set_urls - change the address of the control server, Dr.Web show_message-display a message on the screen of the mobile device, Dr.WEB showpage – open a web page in a browser Dr.WEB install – download and install an apk package Dr.WEB showinstall – show a push-notification about the installation of an apk package Dr.WEB iconpa, Dr.Web SIM cards to your trusted list, Dr.Web simple_execute_ussd - send a USSD message, Dr.Web Special offers, Dr.Web Special offers from providers, Dr.Web spreads is yet to be determined, Dr.Web steal passwords on servers running Linux, Dr.Web stop_program-stop working, Dr.Web stop_sms_forwarding - stop intercepting messages, Dr.Web Subscription package, Dr.Web switch between several SIM cards on one smartphone, Dr.Web that can intercept inbound short messages, Dr.Web The latest Trojan version, Dr.Web The licence of Russian Ministry of Defense for activities related to information security tools development, Dr.Web The licences of Federal Service for Technology and Export Control of Russian Federation, Dr.Web The new version supports Android 4.2, Dr.WEB total number of installations of these programs has reached several million, Dr.Web Trojan horse, Dr.Web Trojan injects, Dr.Web trusted SIM cards, Dr.Web Unlock Windows (Trojan.Winlock), Dr.Web Update to v.8, Dr.Web Upgrade license, Dr.Web Upgrade to license with firewall, dr.web version 5 license key, Dr.Web Version 8.0′s major innovations include faster scanning, Dr.Web Warns Users of New Trojan Stealing Short Messages, Dr.WEB Warns Users of Twenty Eight Apps on Google Play Spreading Trojans, Dr.Web with the Anti-theft enabled, dubbed Linux.Sshdkit by Dr.Web, freedrweb, Friendlier and More Reliable, FSB (Federal Security Service) licences, has updated the installer module in the eighth version of Dr.Web Security Space and Dr.Web for Windows due to the component's enhanced capabilities, http://www.drweb.com, Installer in Dr.Web 8.0 for Windows Updated, license key for dr web antivirus, Linux.Sshdkit, Looking for an anti-virus? Sign up for the Dr.Web anti-virus service, Ltd. is a Microsoft Certified Partner, Ltd. possesses the following certificates and licenses, Nasty Trojan infects 100 hosts in sixty minutes, o Dr.Web AV-Desk trademark certificate, o Dr.Web CureIt! trademark certificate, o Dr.Web CureNet! trademark certificate, o Dr.Web trademark certificate, o FSB Russia document of compliance for a software tool Doctor Web command line scanner for DOS (v. 4.44), o FSB Russia document of compliance for a software tool Doctor Web command line scanner for Linux/FreeBSD/OpenBSD/Solaris(i86) (v4.44), o FSB Russia document of compliance for a software tool Dr.Web command line scanner for Microsoft Windows 95/98/Me/NT/2000/XP/Vista workstations (v4.44), o FSB Russia document of compliance for a software tool Dr.Web® anti-virus for Internet gateways Unix (v.4.44), o FSB Russia document of compliance for a software tool Dr.Web® anti-virus for Unix file servers (v.4.44), o FSB Russia document of compliance for a software tool Dr.Web® anti-virus for Windows 95/98/Me/NT/2000/XP/Vista (v.4.44), o FSB Russia document of compliance for a software tool Dr.Web® anti-virus for Windows file servers (v.4.44), o FSB Russia document of compliance for a software tool Dr.Web® Enterprise Suite (v.4.44), o FSB Russia document of compliance for a software tool Dr.Web® for MS Exchange (v.4.44), o FSB Russia document of compliance for a software tool Dr.Web® for Unix mail servers (v.4.44), o FSB Russia document of compliance for a software tool(v.4.44) Dr.Web anti-virus for Windows that enables using it in isolated networks, o FSB Russia licence for activities involving access to state secret information within Moscow and Moscow region, o SpIDer Guard trademark certificate, o SpIDer Mail trademark certificate, o The document of compliance of FSTEC RF #1214/1 for a set of anti-virus programs, o The licence of Federal Service for Technology and Export Control for development and/or publishing of tools for protection of classified information, o The licence of Federal Service for Technology and Export Control for development of information security tools, o The licence of the Centre for licencing, operator code, r.web antivirus download free full version, Russian developer of information security software, start_sms_forwarding [telephone number]-, t Dr.Web remote server via UDP, t twenty-eight applications incorporating a malicious adware module that can download Trojans to Android devices, The Doctor Web Partner Network covers over 90 countries. Buy your Dr.Web products from our authorized partners now, the fraudulent module, the Trojan will make sure that its process –CheckCommandServices, The update will be downloaded and installed automatically, The updated version of the module incorporates a routine to restore the default product configuration file. It may come in handy if the configuration file has been corrupted and the anti-virus can not, Trojan discovered by Doctor Web's analysts several days ago, Twenty Eight Apps on Google Play Spreading Trojans, With Dr.Web for Android 8.0 you can use multiple trusted SIM cards