Monitoring-Tool:Android/AndroidAgent.A

Classification

Malware

Monitoring-Tool

Android

-

Summary

AndroidAgent.A is a monitoring tool that silently records phone calls and checks for incoming SMS messages.

Removal

Automatic action

Once the scan is complete, the F-Secure security product will ask if you want to uninstall the file, move it to the quarantine or keep it installed on your device.

Find out more

Knowledge Base

Find the latest advice in our Community Knowledge Base.

User Guide

See the user guide for your product on the Help Center.

Contact Support

Chat with or call an expert for help.

Submit a sample

Submit a file or URL for further analysis.

Technical Details

AndroidAgent.A is a tool that monitors phone calls and SMS messages in the compromised device.

During installation, it requests for a number of permissions that will allow it to access contact data, SMS messages, location and Internet access on the affected device. Once installed, it hides its presence by not placing any significant icon on the home screen.

Permissions requested by AndroidAgent.A

AndroidAgent.A silently records all incoming and outgoing calls, and checks for specific incoming SMS messages. The content found at the beginning of these messages will determine further actions to be carried out next.

  • 0#: Master Number. Store the number from sender as Administrator.
  • 99#: Register Shareware. Use the number to register shareware.
  • 9#: Send an SMS message containing IMEI and SIM serial number to the Master Number.
  • 18#: Store the string after '#' as 'UserName,' and use it for uploading recorded files inhttp://[...]loongware.com/[...]/upload.php.
  • 10#: Start 'MyPeopleService' that sends SMS messages containing contact details from the phone book to the Master Number.
  • 8#: Start 'MyLocationService' that sends the location of the device.

While apps with such behavior may be legitimately used by the device's authorized user, they are classified by security programs as riskware because in the hands of unauthorized users, they can also be used to cause damage to the user's data or the device.

If you are confident that you are aware of the risks involved in using the program and consent to its use, you may choose to keep it installed on your device.

Date Created: 2012-08-15 00:00:00.0

Date Last Modified: 2012-08-15 00:00:00.0