My library

+ Add to library

Contact us
24/7 Tech support | Rules regarding submitting

Send a message

Your tickets


Virus library

An analysis of the technologies used by cybercriminals allows us to draw conclusions about the virus industry’s possible vectors of development and more effectively confront future threats. You, too, can learn what actions various malicious programs take in infected systems and how to withstand them.

Android.Mobifun.4 in virus library:

A family of Trojans for Android whose main function is to download other software.

The Android.Mobifun Trojans send the following information to the command and control server:

  • IMEI identifier;
  • IMSI identifier;
  • BSSID identifier of the current Wi-Fi access point;
  • Current operating system version;
  • Display parameters;
  • MCC (Mobile Country Code) identifier;
  • MNC (Mobile Network Code) identifier;
  • Mobile network operator;
  • GSM Cell ID (an identifier of the mobile operator’s base station to which the user’s phone is connected);
  • GSM Cell Location area code (a code for determining coordinates of the mobile operator’s base station);
  • RAM amount;
  • ROM amount;
  • SD card memory amount;
  • Presence of the malicious application in the /system folder.

Upon cybercriminals’ command, Trojans can execute the following actions:

  • Download an APK file and show a notification prompting a user to install the corresponding application.
  • Load a specified URL in the browser window.

Some versions of the Android.Mobifun Trojans can also send SMS messages.

Vulnerabilities for Android

According to statistics, every fifth program for Android contains a vulnerability (or, in other words, a "loophole") that lets cybercriminals successfully introduce Trojans onto mobile devices and manipulate them into doing whatever actions they need them to.

Dr.Web Security Auditor for Android diagnoses and analyses a mobile device’s security and offers solutions to address security problems and vulnerabilities.