ID 4563064
Released Jan 30, 2013
Description Updated Apr 29, 2013

Detection Availability

FortiGate
Extended switch-on-logo
FortiClient switch-on-logo
FortiMail switch-on-logo
FortiSandbox switch-on-logo
FortiWeb switch-on-logo
FortiADC WAF Security switch-on-logo
FortiIsolator switch-on-logo
FortiDeceptor switch-on-logo
FortiEDR switch-on-logo

Threat Profile

Aliases:
  • a variant of Android/TrojanSMS.Agent.GR trojan (NOD32)
Platform: Android

Android platform


Update History

Date Version Detail
2021-04-21 85.00617
2020-12-09 82.42900
2019-10-09 72.20400
2019-08-30 71.24400
2019-05-13 68.49800

Threat Encyclopedia

Android/SMSAgent.GR!tr

description-logoAnalysis

Android/SMSAgent.GR!tr is a Trojan horse for mobile phones running Android 2.1 or greater. It sends SMS to a certain service provider phone number. Those tasks are done without consent of the victim. The malicious package often disguises itself as a mobile phone update package.

  • Once installed, the package displays an icon in the Application Launcher, but the malware uses a name that will probably have the victim believe this is a genuine system application.

  • The malware creates shortcut, when customer clicks the shortcut, it opens unsafe website.

  • It sends sms which contains the victim's personal infomation to a certain server.

  • The malware encrypts most of the methods and data.

    • recommended-action-logoRecommended Action

      FortiGate Systems
    • Check the main screen using the web interface for your FortiGate unit to ensure that the latest AV/NIDS database has been downloaded and installed on your system - if required, enable the "Allow Push Update" option.
      FortiClient Systems
    • Quarantine/delete files that are detected and replace infected files with clean backup copies.

    Telemetry logoTelemetry