Mobile Virus

Android/SMSAgent.GR!tr

Analysis

Android/SMSAgent.GR!tr is a Trojan horse for mobile phones running Android 2.1 or greater. It sends SMS to a certain service provider phone number. Those tasks are done without consent of the victim. The malicious package often disguises itself as a mobile phone update package.

  • Once installed, the package displays an icon in the Application Launcher, but the malware uses a name that will probably have the victim believe this is a genuine system application.

  • The malware creates shortcut, when customer clicks the shortcut, it opens unsafe website.

  • It sends sms which contains the victim's personal infomation to a certain server.

  • The malware encrypts most of the methods and data.

  • Recommended Action

      FortiGate Systems
    • Check the main screen using the web interface for your FortiGate unit to ensure that the latest AV/NIDS database has been downloaded and installed on your system - if required, enable the "Allow Push Update" option.
      FortiClient Systems
    • Quarantine/delete files that are detected and replace infected files with clean backup copies.