Friday, May 17, 2013


There is a  new security blog post from WebRoot about an Android malware called RoidSec. I took a quick look at this APK which can be found at:
or you can download the APK here (pasword = infected).

A quick analysis finds that while it does send data to the C&C server below, it is currently ineffective as this site has gone down a while ago. Still it can be classified as malware as it does not give the specified benefit while hiding itself in the background and potentially leaking data to a domain that could become active or be updated in the future.

C&C Server: hxxp://roidsec{dot}com/

Stay safe out there