Mobogram 5.4 Mobile Malware
This malware has been published as an apk file with the name of "Mobogram5.4" and is developed for android mobile devices. Mobogram5.4 application as an unofficial version of Telegram, uses MTProto proxies to bypass Iran's governmental filtering system and is constantly subscribing the victim into Telegram channels and groups, specially into online business ones, through theses proxies and also through the android notification system. This application is potentially a trojan malware type and is able to download and install other application(s) into the victim's android device.
This malware, just like many others in Iran, abuses "Pushe" notification service to perform malicious operations.
A list of malicious works the malware can accomplishes are:
- Capable to download and install application(s) from the specified URLs
- Capable to subscribe the victim into value added services (VAS) by landing web pages
- Capable to subscribe the victim into Telegram channels or groups
Symptoms of infection
This malware is installed under the name "Mobogram" and cannot be seen any symptoms of infection in the device at the first look, although capable of doing it's malicious behavior in the background.
Methods of Clearing Mobile Infected
for removing the malware, we can easily uninstall it from the application menu. meanwhile, nothing threaten the user who disabled the notifications for the installed Mobogram application.
Methods of Infection Prevention
The following recommendations can play a significant role in preventing the infection of mobile phones.
- Do not download and install applications from untrusted sources
given that many problems for mobile phone users arise from downloading and installing applications from insecure resources, consider to download the required applications only from well-known and trusted sources like Google Play Store and App Store.
- Consider permissions required from the application to be installed
During installation of android applications, they request some permissions to be accepted by the user. It is very important to prevent installing if it requires more permissions than needed; considering the functionality it provides (based on malware's developer declares about the application).
- Disable the notifications for the suspicious applications
Disable the notifications for the suspicious applications, immediately after installation, to prevent the consequences (based on the malicious notifications).
- Install anti-virus software and update it periodically
in recent years, the widespread prevalence of malware and viruses on android mobile devices caused many problems for smart phone users, so installing an anti-virus program is one of the essentials to prevent the android devices to be infected and malwares to be spread.
also notice that always use a trusted and reliable anti-virus program and update it periodically to detect newly released malwares as soon as possible.