An Android application lure users with the promise of increased battery performance upon installation but it is a Trojan. The Trojan covertly scans address books and broadcasts phone numbers and email addresses to an attacker-controlled domain.
After sending all contact details, it displays an image with a GONE visibility state, followed by a message written in Chinese lanaguage. "I am sorry. Your terminal is not available or unsupported" Translated from Chinese.
Users then believe the app really isn’t compatible with their handset and usually uninstall it, believing nothing happened.
"Although the message is in Chinese, the Trojan is perfectly capable of infecting any Android-running device and scan address books regardless of region or carrier. " BitDefender researcher says.
The application does nothing to improve battery performance and users are left believing their device was simply incompatible with the app. Even the app’s icon is pretty convincing, displaying a green battery logo.
