About three months back, security expert Kaspersky Labs identified what it claimed to be the most sophisticated Android Trojan and termed it ‘Backdoor.AndroidOS.Obad.a.’ Since then it has being analyzing the Trojan and observed a unique pattern in the way it spread, using ‘alien’ botnets to infect devices.
According to Kaspersky, Obad.a attacks in two steps along with another Trojan termed TrojanSMS.AndroidOS.Opfake.a. They start by sending a SMS asking a user to download a recently received text message. On clicking the link, an Opfake.a Trojan is automatically downloaded onto the smartphone or tablet. The first thing it does is send similar messages to all the user’s contacts so it can affect as many devices as possible. Then it downloads Obad.a on the device.
Another method of spreading the Trojan is through spam messages, which deceive users to pay unpaid debts by clicking on the attached link. The hackers have also used fake app stores, which look the same as Google Play Store, but have fraudulent links. These links redirect a user to a page, which has the Trojan waiting to strike.
Kaspersky recorded most of these Trojan attacks in countries like Russia, Ukraine, Belarus, Uzbekistan and Kazakhstan. It also observed that though this Trojan was very sophisticated in nature it only affected smartphones and tablets and had no adverse effects on computers.