Trojan:Android/FakeToken

Threat description

Details

CATEGORYMalware
TYPETrojan
PLATFORMAndroid

Summary

Trojan:Android/FakeToken steals SMS messages containing mTAN numbers generated by banks to validate online transactions.

Removal

Automatic action

When detected during scanning, F-Secure SAFE will prompt you for a desired action. You may assess the detected file and choose to Uninstall, Quarantine or keep it installed on your device. More information about these options can be found at Help Center: Assess files detected during scanning.

More

More information on the scanning and removal options available in your F-Secure product can be found in the Help Center.

You may also refer to the Knowledge Base on the F-Secure Community site for more information.

Contact Support

For further assistance, F-Secure customers can request support online via the Request support or the Chat forms on our Home - Global site.

Technical Details

FakeToken.A pretends to be a mobile token generator, but actually intercepts and steals SMS messages containingM obile Transaction Authentication Numbers (mTANs), which are automatically generated by a bank and sent to a user's mobile device to validate an online transaction.

On execution, FakeToken intercepts SMS messages containing mTANs and forwards them to a remote location or to a user. Details of where the SMS messages are sent are stored in an XML configuration file. In addition, the malware may also forward details of the compromised device to a remote location.

More

This malware is discussed in further detail in: Q1 2012 Mobile Threat Report (PDF).

Submit a Sample

Suspect a file or URL was wrongly detected? Send it to our Labs for further analysis

Submit a Sample

Give And Get Advice

Give advice. Get advice. Share the knowledge on our free discussion forum.

More Info