SMS AndroidOS.Stealer.a malicious software which was likely spread by the Russian cyber criminals, have targeted Android users from various countries around the world, including Azerbaijan, Belgium, France, Latvia, Lithuania, Ukraine, Belarus, Kyrgyzstan and Kazakhstan. Cybercriminals spread this malicious software as the legal Android applications. This malicious software is completely ready for orders, which will be ordered by connecting C&C server. Thus cyber criminal can change server, send messages, delete messages from your phone, download various applications and information, read the messages on your phone or device, and delete existing programs.
The most interesting thing about this threat, configuration file instead of be stored elsewhere online,located together with the malicious software. It creates opportunity for Trojan to maintain its functionality if there is no internet connection. Eventually, through Android device infected this Trojan can be determined the geographic coordinates of the device, sent messages to certain numbers without the user's knowledge, activated or deactivated debug, downloaded different programs and installed or deleted a number of programs.
*C&C - server in which hackers commands and controls captured systems.
*Debug - is a process of finding and reducing the number of bugs, or defects, in a computer program or a piece of electronic hardware.