KevDroid

Description

(Talos) Variant 1: The purpose of the application is to steal information stored on the device. Here is the list of stolen information:

• Installed applications • Phone number • Phone Unique ID • Location (the application tries to switch on the GPS), this information is collected every 10 seconds, which is aggressive for this kind of spying tool • Stored contacts information (name, phone numbers, emails, photos, etc.) • Stored SMS • Call logs • Stored emails • Photos • Recording calls

Variant 2: The variant contains the same features than the previous version with some additional:

• Camera recording • Audio recording • Web history stealing • File stealing • Root access on the device

Names

Name
KevDroid

Type

Reconnaissance
Backdoor
Info stealer

Information

https://blog.talosintelligence.com/2018/04/fake-av-investigation-unearths-kevdroid.html

Malpedia

https://malpedia.caad.fkie.fraunhofer.de/details/apk.kevdroid

Alienvault Otx

https://otx.alienvault.com/browse/pulses?q=tag:KevDroid

Other Information

Uuid

322aa827-1bf8-4d95-b773-dc6488aea1b8

Last Card Change

2020-04-23

Threat Intelligence Garden

Explorer

KevDroid

KevDroid

Description

Names

Category

Type

Information

Malpedia

Alienvault Otx

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks