Virus

Android/FakeTimer.A!tr

Analysis

Android/FakeTimer.A!tr is a trojan targetting Android mobile phones.
It sends the device's information to an HTTP server.

Technical Details


The trojan installs a service called KitchenTimerService.
The service firsts contacts an HTTP server from which it will receive a cookie containing a unique identifier.
The service will then retrieve the following information:
  • Device IMEI
  • Subscriber ID
  • Phone number
And sends the information back to the HTTP server at: The application then opens a web page:
Kaspersky: HEUR:Trojan.AndroidOS.FakeTimer.a

Recommended Action

    FortiGate Systems
  • Check the main screen using the web interface for your FortiGate unit to ensure that the latest AV/NIDS database has been downloaded and installed on your system - if required, enable the "Allow Push Update" option.
    FortiClient Systems
  • Quarantine/delete files that are detected and replace infected files with clean backup copies.