Riskware/Towelroot!Android
Analysis
Riskware/TowelRoot!Android is the detection for an Android application that is intended to root an Android device. The application also sends the user's device information to a remote server.
During installation, the user will see that the application requests permission to access the device's network connectivity.
Below are some of the details sent from the user's phone to the server:
- Device model
- Build fingerprint of the malware
- Name of hardware
- Serial of the hardware
- Kernel version
Recommended Action
- Make sure that your FortiGate/FortiClient system is using the latest AV database.
- Quarantine/delete files that are detected and replace infected files with clean backup copies.
Detection Availability
Product | AV database |
---|---|
FortiGate | Extended |
FortiClient | Extreme |
FortiAPS | |
FortiAPU | |
FortiMail | Extreme |
FortiSandbox | Extreme |
FortiWeb | Extreme |
Web Application Firewall | Extreme |
FortiIsolator | Extreme |
FortiDeceptor | Extreme |
FortiEDR | |