Cepsohord
NJCCIC Threat Profile
Original Release Date: 2016-07-07
Cepsohord is a Trojan horse for Android devices that uses compromised devices to commit click fraud, modify DNS settings, randomly delete essential files, and download additional malware such as ransomware. The application will commonly display a turquoise icon with a typical WiFi symbol displayed inside. The icon can change depending on the type of application it is masquerading as. When the Trojan is installed, it requests permissions to access network information, WiFi information, start at system boot, display alerts, and write to external storage devices. Cepsohord has evolved and adapted to Android Marshmallow's new user permissions model in order to circumvent the new security measures to continue to compromise victims. PC-Remover provides instructions on how to remove the Trojan from your device.
Reporting
- May 2016: Cepsohord adapts to new permissions model. (Softpedia)
Technical Details
- Symantec provides technical details on the Cepsohord Android Trojan, available here.
Featured Content
- Disaster Relief and Tragedy-Related Scams>
- Flaw in Cosmo DB Could Allow Access to Databases>
- Threat Actors Use Messaging Service as Phishing Lure>
- Back-to-School Cybersecurity>
- Patch Now: Active Exploitation of Microsoft Exchange ProxyShell Vulnerabilities >
- T-Mobile Breach>
- Test Your Cybersecurity Knowledge - Take Our Cyber Quiz Today>
The NJCCIC is a component organization within the New Jersey Office of Homeland Security and Preparedness. We are the State's one-stop-shop for cyber threat analysis, incident reporting, and information sharing and are committed to making New Jersey more resilient to cyber threats by spreading awareness and promoting the adoption of best practices.
View our Privacy Policy here.
View our Site Index here.