Trojan:Android/FakeUpdates silently forwards details of the device to a remote server, then downloads additional applications to the device's SD card.
On installation, Trojan:Android/FakeUpdates forwards details of the compromised device, including its International Mobile Equipment Identity (IMEI) number and its International Mobile Subscriber Identity (IMSI) number, to a remote location.
It then retrieves and decrypts URLs stored in another remote location; these URLs point to the location of a number of applications, which the malware later attempts to download to the 'download' folder on the device's SD card.
This malware is discussed in further detail in: Q1 2012 Mobile Threat Report (PDF).
Date Created: -
Date Last Modified: -