Trojan:Android/BeanBot.A Description

GO TO: Summary | Removal | Technical Details

Classification

Category: Malware

Type: Trojan

Platform: Android

Aliases: Trojan:Android/BeanBot.A

Summary

BeanBot.A forwards device's data to a remote server and sends out premium-rate SMS messages from the infected device.

Removal

Automatic action

Once the scan is complete, the F-Secure security product will prompt you to assess the file and choose to Uninstall, Quarantine or keep it installed on your device.

Knowledge Base

Find the latest advice in our Community Knowledge Base.

About the product

See the manual for your F-Secure product on the Help Center.

Contact Support

Chat with or call an expert for help.

Submit a sample

Submit a file or URL for further analysis.

Technical Details

Upon launching, BeanBot.A prompts an 'update' option that would connect to a command and control (C&C) server when clicked on. It then forwards the following information to the server:

International Mobile Equipment Identity (IMEI) number
International Mobile Subscriber Identity (IMSI) number
Phone number

Additionally, BeanBot.A also sends out premium-rate SMS messages from the infected device, leaving the user with a hefty bill charged to his or her account.

BeanBot.A listed as 'BlowUp,' and the permissions it requested upon installation

Trojan:Android/BeanBot.A