Home > Threat descriptions >

Trojan:Android/FakeToken

Classification

Category: Malware

Type: Trojan

Platform: Android

Aliases: Trojan:Android/FakeToken, Trojan:Android/FakeToken.A

Summary


Trojan:Android/FakeToken steals SMS messages containing mTAN numbers generated by banks to validate online transactions.

Removal


Automatic action

Once the scan is complete, the F-Secure security product will prompt you to assess the file and choose to Uninstall, Quarantine or keep it installed on your device.

Knowledge Base

Find the latest advice in our Community Knowledge Base.

About the product

See the manual for your F-Secure product on the Help Center.

Contact Support

Chat with or call an expert for help.

Submit a sample

Submit a file or URL for further analysis.

Technical Details


FakeToken.A pretends to be a mobile token generator, but actually intercepts and steals SMS messages containingM obile Transaction Authentication Numbers (mTANs), which are automatically generated by a bank and sent to a user's mobile device to validate an online transaction.

On execution, FakeToken intercepts SMS messages containing mTANs and forwards them to a remote location or to a user. Details of where the SMS messages are sent are stored in an XML configuration file. In addition, the malware may also forward details of the compromised device to a remote location.

More

This malware is discussed in further detail in: Q1 2012 Mobile Threat Report (PDF).