GhostCtrl

GhostCtrl is a threatening Android Trojan whose infection often may go unnoticed for a long time because of the self-preservation and security measures it employs. Often, the GhostCtrl may pose as a legitimate Android component such as 'android.engine' – a name that users would never suspect to be related to a virus infection. The good news is that GhostCtrl is by no means an advanced project when it comes to evading anti-virus applications – if your Android device is secure by an up-to-date anti-malware utility, you will not need to worry about attacks involving the GhostCtrl Android Trojan.

The payload of the GhostCtrl is likely to be spread with the help of fake applications hosted on 3^rd-party application stores, bogus text messages, fake downloads, and even falsified social media profiles, pages and publications. As soon as the GhostCtrl is launched on an unprotected Android device, it will plant its components under the name 'android.engine.' The Trojan also is able to disguise its presence in the 'Applications' settings menu by using a blank icon and name.

When these tasks are completed, the GhostCtrl backdoor Trojan contacts a remote control server and waits for commands submitted by the attackers. This Trojan is very rich when it comes to features:

• Manage WiFi and mobile data connections.
• Access phone sensors.
• Modify the wallpaper.
• List files and directories and upload them to the control server.
• Use text-to-speech.
• Send text messages, intercept messages and manage the SMS inbox.
• Use the 'Phone' application to call numbers specified by the attackers.
• Send remote commands.
• Record audio and video by using the microphone or camera.
• Record phone calls.

The GhostCtrl implant gives attackers almost full control over the infected Android device. You should not misjudge the importance of your phone's security – invest in a regularly updated Android anti-malware application that can keep you safe from threatening applications like the GhostCtrl backdoor Trojan.