New Trojan for Android available through the application Angry Birds Rio Unlock

Doctor Web, "warned users about a new dangerous malware families for smartphones running Android - Android.Plankton. Built-in application Angry Birds Rio Unlock, which gives access to hidden levels of this popular game, the Trojan sends malicious data on the infected device and loads it other malicious software.

Beginning in June 2011 marked the emergence of a large number of new malicious programs for mobile operating system Android. Interest in virus writing to the OS is not accidental: the application pests steal confidential information of owners of cellular phones, post secret by SMS messages to premium service numbers, and organize promotional mailing that one way or another, helps enrich the intruders.

June 9 experts from Doctor Web, Ltd. in the virus database has been added a new Trojan for Android - Android.Plankton. The main feature of this threat is that a malicious object is built into the application Angry Birds Rio Unlock, opening up access to the hidden level of popularity for various mobile platforms, the game Angry Birds. Only the official site of Android Market infected program was downloaded more than 150,000 times, and on alternative resources (in particular, with the famous collection of applications for Android androidzoom.com) the number of downloads reached 250,000.

In contrast to the previous day revealed a malicious application Android.Gongfu, a new Trojan Android.Plankton not use known vulnerabilities in operating systems to improve their own privileges. Implementation algorithm attack is as follows: immediately after the launch of an infected application Trojan downloads in the background, its own service, which collects information about the affected device (ID device, the version of SDK, information about the privileges of the file) and sends it to a remote server.

Then, a malicious program gets from the site of intruders data for subsequent download and install on your smartphone victim of another application, the functional which was assumed by analysts may vary. At present, specialists of Doctor Web, Ltd. is known about the several types of such malware. In particular, this package plankton_v0.0.3.jar and plankton_v0.0.4.jar, designed to run on the infected device receives commands from the control center.

To date, all known versions of the Trojan added to the virus bases Dr.Web, in connection with which Android.Plankton not terrible for Android users of Dr.Web anti-spam and Dr.Web for Android Light.