Spy/SeekDroid!Android

description-logoAnalysis

Spy/SeekDroid!Android runs on Android mobile devices. The application is initially meant to help legitimate users find their lost Android phone. However, it unfortunately can be used by an attacker against a legitimate user, which is why the application is detected as a potential Spyware.

Figure 1. Features of SeekDroid. Hiding the application might be dangerous.
As a matter of fact, the SeekDroid application features a dangerous functionality which consists in hiding the application from the device's application tray.

Figure 2. Enabling remote wiping of the device.
Consequently, if an attacker has physical access to your device (or if he/she lures you into installing the application for a reason or another), he/she can install the application without your knowledge and consent. Then, the attacker can track you geographically, remotely wipe your phone, access recent calls (see Figure 3).

Figure 3. Remote web control of the device
For this reason, administrators may wish to detect the application so that end-users cannot become potential victims.
.

recommended-action-logoRecommended Action

    FortiGate Systems
  • Check the main screen using the web interface for your FortiGate unit to ensure that the latest AV/NIDS database has been downloaded and installed on your system - if required, enable the "Allow Push Update" option.
    FortiClient Systems
  • Quarantine/delete files that are detected and replace infected files with clean backup copies.

Telemetry logoTelemetry

Version Updates

Date Version Detail
2020-01-22 74.71200
2019-10-02 72.03600
2019-01-17 65.70500
2018-09-28 62.54000