Eng
  1. Skip to navigation
  2. Skip to content
  3. Skip to sidebar


Trojan:Android/Gepew


Aliases:


Trojan:Android/Gepew
Android/SpyBanker
Android.Trojan.Gepew
Android.Fakebank

Malware
Trojan
Android

Summary

Trojan:Android/Gepew is installed on a mobile device as part of a PC-based malware's payload and attempts to replace installed apps with trojanized versions.



Disinfection & Removal

F-Secure's Mobile Security product blocks installation of this program with default settings.



Technical Details

Trojan:Android/Gepew variants are reportedly installed on a mobile device as part of the payload of a PC-based trojan, Droidpak. When this trojan infects a Windows system, it downloads a mobile app onto the machine and then attempts to install it onto any Android devices connected to the system by a USB cable. For installation to be successful, the device must have the setting 'Enable USB debugging' enabled.

When installed, Gepew will scan the device for installed apps associated with South Korean banks. If found, Gepew prompts the user to remove these apps; if complied with, trojanized versions of these apps are installed. The trojan may also monitor and intercept incoming SMS messages, which are forwarded to a remote server. For more information, see:







Submit a sample




Wondering if a file or URL is malicious? Submit a sample to our Lab for analysis via the Sample Analysis System (SAS)

Give And Get Advice




Give advice. Get advice. Share the knowledge on our free discussion forum.

Scan and clean your PC




F-Secure Online Scanner will scan and clean your PC in just a few minutes for free