Sunday, November 24, 2013

Skullkey - Android Infostealer

skullkey 2DC07DCA36487339F3935ACE890E42E0


Package names:, com.hk515.activity

Malicious code is inserted in the package in the following locations:

When the Trojan is being installed, it requests permissions to perform the following additional actions:
Clear the caches of all installed applications on the device.
Read user's contacts data.
Monitor incoming SMS messages.
Read SMS messages on the device.
Send SMS messages.
Start once the device has finished booting.
Change the background wallpaper.
Monitor incoming WAP push messages.


The Trojan hides using the Android 'Master Key' vulnerability to keep the legitimate app signature valid.

The Trojan allows attackers to perform the following actions:
Open a back door
Steal sensitive data (such as IMEI and phone number) and sends it to
Send premium SMS messages
Disable certain security apps by using any available root commands

Download. Email me if you need the password

No comments:

Post a Comment