Security expert Kaspersky Labs has identified what it claims to be the most sophisticated Android Trojan it has ever seen and has termed it ‘Backdoor.AndroidOS.Obad.a.’ The Trojan is believed to be capable of sending a SMS to premium rate numbers, downloading and installing additional malware, and remotely executing console commands among other things.
Kaspersky says that once a smartphone is infected, the Trojan gains access to the phone’s privileges and starts working in the background. In less than 10 seconds, the Trojan also tries spreading through unsecure Wi-Fi networks or via Bluetooth networks in the vicinity and sends malicious files to nearby unprotected devices. Also Read - Kaspersky Lab to transfer its' customer data to Zurich by 2019
Backdoor.AndroidOS.Obad.a also abuses vulnerabilities the Trojan developers found on the Android OS. For example, it gains access to administrator privileges and makes it impossible for a user to delete the malicious app, and also disrupts the proper functioning of DEX2JAR, a piece of software on Android that converts APK files into JAR files, thus eventually complicating a statistical analysis of the Trojan. Also Read - User data transmitted over 'HTTP' at great hacking risk: Kaspersky
The researchers at Kaspersky Labs say that the Trojan has fortunately not spread a lot and have also notified Google of the above vulnerabilities on their OS, which have been exploited by the Trojan.