Trojan:Android/Plankton variants silently forward information about the device to a remote location. In addition, they download an additional file onto the device.
When detected during scanning, F-Secure SAFE will prompt you for a desired action. You may assess the detected file and choose to Uninstall, Quarantine or keep it installed on your device. More information about these options can be found at Help Center: Assess files detected during scanning.
More information on the scanning and removal options available in your F-Secure product can be found in the Help Center.
You may also refer to the Knowledge Base on the F-Secure Community site for more information.
Once installed on a device, Trojan:Android/Plankton will forward the following details (about the Plankton app itself) to a remote server:
On receiving this information, the server contacted returns a URL, from which Plankton retrieves a JAR file.
In addition to collecting the details for the Plankton app, the trojan will also collect the following information:
These details are also forwarded to the remote server.
Plankton variants are also able to perform the following actions on the device, among others: