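Current Android Malware Classification
This article lists 119 malware families in total.
The list covers Trojans on the Android platform as of February 28, 2013, together with their detection results on the mobile-sandbox-system. The table will be kept up to date; one entry per family is selected for illustration.
Chinese software download link: http://download.csdn.net/detail/grace_0642/6935385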
Current Android Malware
Here is the full list of Android-Malware-Families with their corresponding reports from our mobile-sandbox-system. We will try to keep this table up-to-date.
We took one sample of each family for the data within this table.
Description | Features | Mobile-Sandbox Report |
Android.AccuTrack This application turns an Android smartphone into a GPS tracker. |
|
--- |
Android.Ackposts This Trojan steals contact information from the compromised device and uploads them to a remote server. |
--- | |
Android.Acnetdoor This Trojan opens a backdoor on the infected device and sends the IP address to a remote server. |
|
--- |
Android.Adsms This is a Trojan which is allowed to send SMS messages. The distribution channel of this malware is through a SMS message containing the download link. |
|
X |
Android.AnServer/Answerbot Opens a backdoor in Android devices and is able to steal personal information which will be uploaded to a remote server afterwards. |
X | |
Android.Antares/Antammi This is a Trojan which steals personal information from the infected device. |
--- | |
Android.Arspam This malware represents the first stage of politically-motivated hacking (hacktivism) on mobile platforms. |
X | |
Android.Basebridge Forwards confidential details (SMS, IMSI, IMEI) to a remote server. |
|
X |
Android.BeanBot This is a Trojan which is allowed to send SMS messages and which is controlled by a C&C-Server. |
|
--- |
Android.BgServ Obtains the user's phone information (IMEI, phone number, etc.). The information is then uploaded to a specific URL. |
|
X |
Android.Biige This spyware records SMS messages, calls, location, etc. and uploads these data to a remote server. |
|
--- |
Android.Booster This application steals personal information and uploads these data to a remote server. |
--- | |
Android.Boxer This trojan sends SMS messages to premium rated numbers. |
--- | |
Android.Carberp Tries to steal confidential banking authentication codes (mTAN messages) sent to the infected device. |
|
--- |
Android.Cawitt This application steals personal information and uploads these data to a remote server. |
--- | |
Android.Cellspy This application is a smartphone tracker. |
--- | |
Android.Coogos Backdoor Trojan which has the capability to receive a remote connection from a malicious hacker and perform actions against the compromised system. |
|
--- |
Android.CopyCat Is an aggressive and malicious ad network. The main goal is to generate revenue. |
--- | |
Android.Cosha This application monitors the infected device and sends personal data to a remote server. |
--- | |
Android.Counterclank Is not real malware but a very aggressive ad network with the capability to steal privacy-related information. |
|
X |
Android.Crusewind Intercepts incoming SMS messages and forwards them to a remote server, including information like IMSI and IMEI. |
X | |
Android.Dogowar This Trojan sends spam SMS messages to all contacts. |
--- | |
Android.Dougalek This application steals personal information and uploads these data to a remote server. |
--- | |
Android.DroidDeluxe Exploits the device to gain root privilege. Afterwards it modifies the access permission of some system database files and tries to collect account information. |
X | |
Android.DroidDream Uses two different tools (rageagainstthecage and exploid) to root the smartphone. |
|
X |
Android.DroidDreamLight Gathers information from an infected mobile phone (device, IMEI, IMSI, country, list of installed apps) and connects to several URLs in order to upload this data. |
|
X |
Android.DroidKungfu Collects a variety of information on the infected phone (IMEI, device, OS version, etc.). The collected information is dumped to a local file which is sent to a remote server afterwards. |
|
X |
Android.DroidSheep This application can capture and hijack unencrypted web sessions. |
--- | |
Android.Extension/Monad This Trojan is able to intercept incoming and outgoing phone calls, open a browser and visit specific websites, execute clicks on advertisements and is able to upgrade its own malicious code. Furthermore, the corresponding app can make phone calls, send SMS messages and collects privacy related information like call history, contacts, GPS location and device ID which all will be uploaded to a remote server. |
|
--- |
Android.FaceNiff This application can capture and hijack unencrypted web sessions. |
--- | |
Android.FakeAngry Backdoor Trojan which has the capability to receive a remote connection from a malicious hacker and perform actions against the compromised system. |
|
--- |
Android.FakeDoc This Trojan installs additional applications. |
--- | |
Android.FakeFlash This Trojan redirects the user through paid proxies. |
--- | |
Android.FakeInst The most common Fraudware. These applications send premium SMS messages. |
--- | |
Android.FakeNefix This application steals user credentials. |
--- | |
Android.FakePlayer Sends SMS messages to preset numbers. |
X | |
Android.FakeRegSMS It sends SMS messages to premium rated numbers and tries to hide this action from the malware investigators by using some kind of steganography. |
X | |
Android.FakeTimer Sends personal information to a remote server and opens pornographic websites. |
|
--- |
Android.Find and Call/Fidall Sends personal information (address book) to a remote server. |
--- | |
Android.Finspy This Trojan is a component of a commercial surveillance product that monitors user activity. |
|
--- |
Android.Fjcon This Trojan connects to a C&C-Server and has the ability to install additional packages and send premium rated SMS messages. |
|
--- |
Android.Flexispy This malware tracks phone calls, SMS messages, internet activity and GPS location. |
X | |
Android.Foncy This Trojan sends premium rated SMS messages. |
--- | |
Android.Fokange/Fokonge Is an information-stealing malware which uploads the stolen data to a remote server. |
--- | |
Android.Gamex Opens a back door and installs additional applications. |
|
--- |
Android.Geinimi Opens a back door and transmits information from the device (IMEI, IMSI, etc.) to a specific URL. |
|
X |
Android.GGTracker Sends various SMS messages to a premium rated number. It also steals information from the device. |
X | |
Android.GingerBreak GingerBreak is a root exploit for Android 2.2 and 2.3 |
--- | |
Android.GingerMaster/GingerBreaker Gains root access and harvests data on infected smartphones. This data is sent to a remote server afterwards. |
|
--- |
Android.GoldenEagle/GlodEagl This Trojan steals personal information and receives commands via SMS. |
|
--- |
Android.GoneIn60Seconds Steals information (SMS messages, IMEI, IMSI, etc.) from infected smartphone and uploads the data to a specific URL. |
X | |
Android.GPspy Tracks the location of the infected device. |
--- | |
Android.HippoSMS Sends various SMS messages to a premium rated number and deletes the incoming SMS messages from these numbers. |
--- | |
Android.HongTouTou/Adrd Is an information stealing malware which uploads the stolen data through a local proxy to a remote server. The data is encrypted beforehand. |
--- | |
Android.Iconosys This application steals personal data. |
--- | |
Android.Imlog This application steals personal data. |
--- | |
Android.Jifake This application sends premium rated SMS messages. |
--- | |
Android.Jsmshider/Xsider Opens a backdoor and sends information to a specific URL. |
--- | |
Android.Kidlogger This Trojan steals personal information and sends it to a remote server. |
--- | |
Android.KMIN Attempts to send Android device data to a remote server. |
X | |
Android.Ksapp This Trojan is capable of remote access connection handling, performing DoS or DDoS, capturing keyboard inputs, deleting files or objects, or terminating processes. |
|
--- |
Android.LeNa LeNa needs a rooted device for the following actions: communicating with a C&C-Server, downloading and installing other applications, initiating web browser activity, updating installed binaries, and many more. |
|
X |
Android.Loicdos This Trojan has the capability to perform DoS or DDoS. |
--- | |
Android.Loozfon This Trojan steals personal data. |
--- | |
Android.Lovetrap/Luvrtrap Sends SMS messages to premium rated numbers and steals smartphone information. |
X | |
Android.Luckycat Opens a backdoor and is listening for commands from a remote server. |
|
--- |
Android.Maistealer This Trojan steals personal data. |
--- | |
Android.Mania This Trojan sends SMS messages to premium rated numbers. |
--- | |
Android.MMarketPay This Trojan can automatically buy applications in Chinese Android marketplaces. |
--- | |
Android.MobileSpy This Trojan steals personal data. |
--- | |
Android.MobileTx This Trojan steals personal data and sends it via SMS messages or HTTP. |
--- | |
Android.Mobinauten This application tracks the location of the infected smartphone. |
--- | |
Android.Moghava Compromises all pictures of the smartphone by merging them with a picture of Ayatollah Khomeini. |
X | |
Android.Nandrobox This Trojan steals personal data and deletes certain SMS messages. |
--- | |
Android.Netisend Gathers information from infected smartphones and uploads the data to a specific URL. |
X | |
Android.Nickispy Gathers information from infected smartphones (IMSI, IMEI, GPS location, etc.) and uploads the data to a specific URL. |
|
X |
Android.OpFake The second most common Fraudware. These applications send premium SMS messages. |
--- | |
Android.PDAspy This Trojan steals personal data and location information. |
|
--- |
Android.Penetho This application is a hack tool to crack WiFi passwords. |
--- | |
Android.Pjapps Opens a backdoor and steals information from the device. This malware implements the capabilities of a bot. |
X | |
Android.Placms This Trojan is capable of remote access connection handling, performing DoS or DDoS, capturing keyboard inputs, deleting files or objects, or terminating processes. |
|
--- |
Android.Plankton This malware has the capabilities to communicate with a remote server, download and install other applications, send premium rated SMS messages, and many more. |
|
--- |
Android.Qicsomos It sends SMS messages to premium rated numbers. |
X | |
Android.Raden This malware sends one SMS message to a Chinese premium number. |
|
X |
Android.RootSmart/Bmaster This malware takes advantage of the GingerBreak exploit to gain root privileges. The exploit is not embedded in the application; instead, it is dynamically downloaded from a remote server together with other malicious apps. |
|
X |
Android.RuFraud Sends premium rated SMS messages. This is the first malicious app of this kind which was specially built for European countries. |
|
X |
Android.Saiva This Trojan is capable of remote access connection handling, performing DoS or DDoS, capturing keyboard inputs, deleting files or objects, or terminating processes. |
|
--- |
Android.Scavir Sends SMS messages to premium rated numbers. |
X | |
Android.SeaWeth This Trojan is capable of remote access connection handling, performing DoS or DDoS, capturing keyboard inputs, deleting files or objects, or terminating processes. |
|
--- |
Android.SMSpacem Gathers information from the smartphone and uploads this data to a specific URL. This malware also sends SMS messages. |
|
X |
Android.SMSreg Registers the infected smartphone to non-free services. |
--- | |
Android.SMSilence/SMSCatcher SMS Trojan targeting Starbucks consumers in South Korea. This Trojan receives all incoming SMS messages and uploads them to a remote server. |
--- | |
Android.SMSspy Banking Trojan targeting consumers in Spain. |
--- | |
Android.SMSsniffer Sends copies of SMS messages to other devices. |
X | |
Android.Sndapps/Snadapps The malware is able to access various information from the device: the carrier and country, the device's ID, e-mail address and phone number and uploads this information to a remote server. |
--- | |
Android.SpamBot Sends SMS spam messages. The application gets the content of the spam message and the receiver numbers through a C&C-Server. |
|
--- |
Android.Spitmo Is one of the first versions of the SpyEye Trojans for the Android OS which steals information from the infected smartphone. The Trojan also monitors and intercepts SMS messages from banks (mTAN messages) and uploads them to a remote server. |
|
X |
Android.SPPush This malware is sending premium rated SMS messages and is posting privacy related information to a remote server. From the same server the malware is downloading new applications. |
|
X |
Android.SpyBubble This Trojan steals personal data. |
--- | |
Android.SpyOO This Trojan records and steals personal data. |
--- | |
Android.Ssucl This Trojan is the first Android Trojan which is able to infect a connected Windows PC. Additionally, it is able to send SMS messages, enable Wi-Fi, gather information about the device and its user (like contacts, photos, GPS data) which is uploaded to a remote server. Furthermore, this Trojan is able to upload the whole SD card and all SMS messages stored on the device. |
|
--- |
Android.Steek/Fatakr Is a fraudulent app advertising an online income solution. Some of the samples have the capability to steal privacy related information and send SMS messages. |
|
X |
Android.TapSnake/Droisnake Posts the phone's location to a web service. |
X | |
Android.Tascudap This application connects to a remote server (gzqtmtsnidcdwxoborizslk.com) and monitors incoming SMS messages for commands. The infected device can be used for DDoS attacks. |
|
--- |
Android.Tetus This Trojan receives all incoming SMS messages and uploads them to a remote server. The corresponding app is also allowed to delete SMS messages on the infected device and is able to send SMS messages. Additionally, the Trojan sends a list of all installed apps to a remote server. |
|
--- |
Android.TigerBot This malware communicates with a C&C-Server via SMS messages, is able to download and install other applications, initiate web browser activities, update installed binaries, and many more. |
|
--- |
Android.Tonclank Opens a backdoor and downloads files onto the infected devices. It also steals information from the smartphone. |
X | |
Android.TGloader/Stiniter Listens to a C&C-Server for commands. This Trojan can install additional applications and send premium rated SMS messages. |
|
--- |
Android.TypStu This Trojan steals personal data. |
--- | |
Android.UpdtBot This malware spreads through malicious SMS messages and communicates with a C&C-Server. The corresponding samples have the ability to install additional packages and send premium rated SMS messages. |
|
--- |
Android.UpdtKiller This Trojan detects and disables installed AV applications. |
--- | |
Android.Uxipp This malware attempts to send premium rated SMS messages. |
--- | |
Android.Vdloader This malware opens a backdoor on the infected device and steals personal data. |
|
--- |
Android.Walkinwat/Pirater Sends SMS messages to all numbers within the phone book and steals information from the infected device. |
X | |
Android.YZHC This malware sends premium rated SMS messages and blocks any incoming message that informs the user about these services. As a further malicious behaviour, the malware uploads privacy-critical information to a remote server. |
|
X |
Android.Zeahache Opens a backdoor and uploads stolen information to a specific URL. It also sends SMS messages. |
|
X |
Android.ZergRush ZergRush is a root exploit for Android 2.2 and 2.3 |
--- | |
Android.Zitmo/Citmo Tries to steal confidential banking authentication codes (mTAN messages) sent to the infected device. |
|
X |
Android.Zsone Sends SMS messages to premium rated numbers related to subscription for SMS-based services. |
|
--- |
(last update 28th of February 2013)
Functionality of a Botnet | |
Gains root access or at least tries to convince the user to root his phone | |
Downloaded through the official Google-Market | |
Sends paid or malicious SMS messages | |
Steals location information | |
Information stealing to a remote server | |
Installs other applications or binaries | |
Potentially unwanted application ("Hacker"-Tools) | |
Banking Trojan which is able to intercept and modify banking authentication codes (mTAN messages). | |
Trojan which is able to infect a connected Windows PC. |