When SEP Mobile detects malware, the Incident for the detection in the MC provides a classification for the type of malware that was detected (e.g. Trojan, Adware, Riskware). The classification is presented in a bubble in the Incident details, and mousing over this bubble presents more information on the malware classification.
This document provides a consolidated list of all the malware types and their descriptions.

| Malware Type | Details |
| --- | --- |
| accessibility_clickjack | Apps that implement Accessibility Clickjacking techniques to gain control of the device |
| data_leak | Apps that leak private data from the device |
| hidden_app | Apps that hide their icon from the device launcher |
| wire_lurker | Apps that are affected by the WireLurker malware |
| xcode_ghost | Apps that are affected by the XcodeGhost malware |
| yispecter | Apps that are affected by the Yispecter malware |
| ace_deceiver | Apps that are affected by the AceDeceiver malware |
| trojan | Apps that disguise themselves as legitimate but allow malicious third-parties hidden access to the device |
| riskware | Apps that are not necessarily malicious but do contain system security critical functions |
| potentially_unwanted | Apps that are installed with the user's consent but might perform activities unexpected or undesired by the user |
| potentially_unsafe | Apps that are not necessarily malicious but contain functionality that can be misused by an attacker |
| adware | Apps that trigger advertising content on the device throughout the user's usage in sophisticated ways |
| ransomware | Apps that prevent access to files on the device by encrypting them and then ask users for ransom in order to decrypt them |
| hack_tool | Apps that may be used by hackers to attack mobile devices and networks |
| hacktool | Apps that may be used by hackers to attack mobile devices and networks |
| monitor | Apps that are not necessarily malicious but monitor and record the user's actions on the device |
| exploit | Apps that leverage a particular security vulnerability that exists in software running on the device to hack it |
| spyware | Apps that spy on the device without the user's knowledge and collect different types of data |
| stagefright_detector | Apps that determine whether an Android device is vulnerable to Stagefright |
| eicar | A standard anti-malware test file developed and provided by the European Institute for Computer Antivirus Research (EICAR) |
| application_linux_sniffer | Apps that monitor the network traffic of the device and may be used by a network attack tool |
| hosts_file | Apps that redirect a particular IP address to a different host in the device hosts file |
| root_hiding | Apps that attempt to hide the fact that the device is rooted |
| repackaged | Apps that disguise themselves as other popular apps but include malicious code |
| packed | Apps that leverage the Code Packing technique to hide their code through one or more layers of compression and encryption |