Among the main trends of the past year – the emergence of a large number of pre-installed on Android-powered devices Mobile malware that silently users can download and install different software, and often showed hype. One of these was the Trojans Android.Cooee.1, built-in GUI more budget smartphones production of a number of little-known Chinese companies. The specialists of “Doctor Web,” revealed another case of the introduction of Android.Cooee.1 on Android-powered device. And this time, “surprise” smartphone buyers expect from a reputable manufacturer of electronics, tells CNews the company “Doctor Web”.
The first information about Android.Cooee.1 appeared in October 2015 when the malware was found on several budget Android-smartphone from the little-known brands. A new case detection of Trojan revealed that unknown attackers appetite is gradually growing: hazardous application was found on the mobile device Philips s307. The specialists of “Doctor Web” alerted about the incident of the manufacturer, which is currently considering possible solutions to the problem.
Android.Cooee.1 is created by virus writers program-launcher (GUI OS Android), which, in addition to the basic functions commonly performed by similar applications shows abundant hype, and downloads and installs the software items. In particular, Android.Cooee.1 able to show ads in the notification bar, display it in full screen or as a separate banner on top of running applications, display advertising videos and animations on the main screen of the OS. It is worth mentioning that the Trojan begins malicious activity immediately after the first turn on the infected system, but only after a certain period specified by the hackers. As a result, owners of infected devices may think that the cause of advertising the program began, they had set during the use of your smartphone, and a real source of intrusive notification will remain undetected.
At the same time, as Android.Cooee.1 actually a system program, the installation of the downloaded software it runs hidden from users. This range of downloadable applications can be extremely wide: from harmless games and browser to all sorts of Trojans, such as SMS-Sender, loaders and even Bankers who can quietly steal money from the accounts of users who have told the company.
As is already installed on Philips s307 Trojan is directly in the smartphone firmware, reset to factory settings will not help get rid of Android.Cooee.1. One possible way of cleaning infected systems from malicious applications is a prior grant it root-access. However, even if the user will be able to do that, the simple removal of a device Android.Cooee.1 lead to malfunction of the latter, as the program-launcher, which is a Trojan that is responsible for the normal boot OS. For this reason, before removing malicious applications, you must install an alternative launcher and configure it to run by default. However, to obtain root-access means the loss of the official manufacturer’s warranty, and any clumsy manipulation of the Android-firmware and system files are accompanied by a serious risk to get completely off the mobile device. Thus, for the majority of affected users Android.Cooee.1 safest solution is to appeal directly to the manufacturer of the infected smartphone with a request to correct the situation and to release a firmware update in which the Trojans will already be missing, says the “Doctor Web”.
The company’s specialists advise owners of Android-smartphone and tablet use antivirus that will not only prevent the penetration of different malicious and potentially unwanted programs in the system, but also to detect the pre-OS Android malware.