Eng
  1. Skip to navigation
  2. Skip to content
  3. Skip to sidebar


Trojan:Android/FakeToken


Aliases:


Trojan:Android/FakeToken
Trojan:Android/FakeToken.A

Malware
TrojanAndroid
W32

Summary

Trojan:Android/FakeToken steals SMS messages containing mTAN numbers generated by banks to validate online transactions.



Disinfection & Removal

F-Secure's Mobile Security product blocks installation of this program with default settings.



Technical Details

FakeToken.A pretends to be a mobile token generator, but actually intercepts and steals SMS messages containingM obile Transaction Authentication Numbers (mTANs), which are automatically generated by a bank and sent to a user's mobile device to validate an online transaction.

On execution, FakeToken intercepts SMS messages containing mTANs and forwards them to a remote location or to a user. Details of where the SMS messages are sent are stored in an XML configuration file. In addition, the malware may also forward details of the compromised device to a remote location.


More

This malware is discussed in further detail in: Q1 2012 Mobile Threat Report (PDF).







Submit a sample


Wondering if a file or URL is malicious? Submit a sample to our Lab for analysis via the Sample Analysis System (SAS)

Give And Get Advice




Give advice. Get advice. Share the knowledge on our free discussion forum.