Trojan:Android/FakeUpdates, Trojan:Android/FakeUpdates.A


Trojan:Android/FakeUpdates silently forwards details of the device to a remote server, then downloads additional applications to the device's SD card.


Automatic action

Once the scan is complete, the F-Secure security product will ask if you want to uninstall the file, move it to the quarantine or keep it installed on your device.

Find out more

Knowledge Base

Find the latest advice in our Community Knowledge Base.

User Guide

See the user guide for your product on the Help Center.

Contact Support

Chat with or call an expert for help.

Submit a sample

Submit a file or URL for further analysis.

Technical Details

On installation, Trojan:Android/FakeUpdates forwards details of the compromised device, including its International Mobile Equipment Identity (IMEI) number and its International Mobile Subscriber Identity (IMSI) number, to a remote location.

It then retrieves and decrypts URLs stored in another remote location; these URLs point to the location of a number of applications, which the malware later attempts to download to the 'download' folder on the device's SD card.


This malware is discussed in further detail in: Q1 2012 Mobile Threat Report (PDF).

Date Created: -

Date Last Modified: -