Cepsohord

Image Source: Symantec

Cepsohord is a Trojan horse for Android devices that uses compromised devices to commit click fraud, modify DNS settings, randomly delete essential files, and download additional malware such as ransomware. The application will commonly display a turquoise icon with a typical WiFi symbol displayed inside. The icon can change depending on the type of application it is masquerading as. When the Trojan is installed, it requests permissions to access network information, WiFi information, start at system boot, display alerts, and write to external storage devices. Cepsohord has evolved and adapted to Android Marshmallow's new user permissions model in order to circumvent the new security measures to continue to compromise victims. PC-Remover provides instructions on how to remove the Trojan from your device.

Reporting

  • May 2016: Cepsohord adapts to new permissions model. (Softpedia)

Technical Details

  • Symantec provides technical details on the Cepsohord Android Trojan, available here.