Virus: Android/Leech.A

Android/Leech is a malware available on Google Play that looks like a legitimate game (BrainTest) for the user but, after be installed its decrypt a malicious payload that can root your device to install it self persistently and run with full privileges to execute any other malicious code that could include thief identity, unwanted payments via SMS, spying functionality and others because the code is dynamically loaded from a command and control server.

Methods of Infection

Android/Leech.A is available in Google Play and Third Party Markets as a game (BrainTest) but could be injected in other packages.

Virus Characteristics

The malicious packages requires the following permissions Android.permission.ACCESS_NETWORK_STATE Android.permission.ACCESS_WIFI_STATE Android.permission.INTERNET Android.permission.READ_PHONE_STATE Android.permission.WAKE_LOCK The malware will execute an exploit to run as root and then download the payload from a command and control server

Leave a Reply

Your email address will not be published. Required fields are marked *