Android/Spy.Zitmo [Threat Name] go to Threat

Android/Spy.Zitmo.A [Threat Variant Name]

Category trojan
Size 207544 B
Detection created Jun 19, 2012
Detection database version 7232
Detection Android db version 3.1324
Aliases TrojanSpy:AndroidOS/FakeSecSuit.A (Microsoft)
  HEUR:Trojan-Spy.AndroidOS.Zitmo.a (Kaspersky)
Short description

Android/Spy.Zitmo.A is a trojan that steals sensitive information. The trojan attempts to send gathered information to a remote machine.

Installation

The trojan must be downloaded and manually installed.


The trojan disguises itself as the Android Security Suite Premium application.

When executed the trojan displays the following picture:

Information stealing

Android/Spy.Zitmo.A is a trojan that steals sensitive information.


The trojan collects the following information:

  • incoming SMS messages
  • name, type and device version
  • IMEI number
  • IMSI number

The trojan attempts to send gathered information to a remote machine.


The trojan contains an URL address. The HTTP protocol is used.

Other information

The trojan contains a backdoor. It can be controlled remotely.


The trojan may execute the following commands:

  • steal sensitive information
  • send gathered information
  • uninstall itself
  • enable/disable malicious application

Please enable Javascript to ensure correct displaying of this content and refresh this page.