Home > Threat descriptions >

Riskware:Android/FakeAngry.variant!Online

Classification

Category:  Riskware

Type:  Riskware

Platform:  Android

Aliases:  Riskware:android/fakeangry.variant!online

Summary


This detection from the F-Secure Security Cloud identifies Android apps with code or behavior similar to Trojan:Android/FakeAngry. This known threat silently gathers information from the device and forwards the details to a remote location.

Removal


Automatic action

Once the scan is complete, the F-Secure security product will prompt you to assess the file and choose to Uninstall, Quarantine or keep it installed on your device.

Knowledge Base

Find the latest advice in our Community Knowledge Base.

About the product

See the manual for your F-Secure product on the Help Center.

Contact Support

Chat with or call an expert for help.

Submit a sample

Submit a file or URL for further analysis.

Technical Details


F-Secure Security Cloud is an online reputation service that provides the latest analysis and reputation rating for programs, files and websites. If a questionable program or file is found during a scan, a query is sent to the Security Cloud to get the most recent reputation rating for it.

Based on the settings of your F-Secure security product, it will then use the information from Security Cloud (and if needed, further analysis) to determine whether to delete, quarantine or block the program or file.

The Security Cloud rating for the identified app indicates that it has code or behavior similar to Trojan:Android/FakeAngry.

FakeAngry variants are usually copies of a popular program that have been recompile or trojanized to include malicious components. These altered apps are then redistributed, either under their original branding or with new names.

Once installed, the app gathers the following information from the compromised device and forwards the details to a remote location:

  • Device ID
  • International Mobile Equipment Identity (IMEI) number
  • International Mobile Subscriber Identity (IMSI) number
  • SDK version
  • SIM serial number
  • Subscriber ID
More

This program is discussed in further detail in: Q1 2012 Mobile Threat Report (PDF).