BeanBot.A forwards device's data to a remote server and sends out premium-rate SMS messages from the infected device.
When detected during scanning, F-Secure SAFE will prompt you for a desired action. You may assess the detected file and choose to Uninstall, Quarantine or keep it installed on your device. More information about these options can be found at Help Center: Assess files detected during scanning.
More information on the scanning and removal options available in your F-Secure product can be found in the Help Center.
You may also refer to the Knowledge Base on the F-Secure Community site for more information.
Upon launching, BeanBot.A prompts an 'update' option that would connect to a command and control (C&C) server when clicked on. It then forwards the following information to the server:
Additionally, BeanBot.A also sends out premium-rate SMS messages from the infected device, leaving the user with a hefty bill charged to his or her account.
BeanBot.A listed as 'BlowUp,' and the permissions it requested upon installation