Obad.a – What You Need to Know About the Latest Android Threat

With the convenience of our mobile apps, we increasingly rely on our phones for work and play.  But did you know that those same apps might be leaving you vulnerable to some nasty mobile viruses?

The worst type of malware, software that damages your computer or mobile, is a Trojan.  Trojans are a particularly insidious type of malware, because much like its namesake, it disguises itself as useful software to the user and then leaves a backdoor open in your system so hackers can get into your data at any time.

There’s a new Trojan that targets the Android operating system called Backdoor.AndroidOS.Obad.a or “Obad.a,” and it’s the most dangerous virus for your phone yet.

Here’s what you need to know:

Your phone “catches” Obad.a three ways:

  1. By downloading an app that has Obad.a in its code.
  2. By using free Wi-Fi.
  3. By leaving your Bluetooth on and unprotected.


It can travel via Bluetooth.  Obad.a has some terrifying Bluetooth capabilities.  It can detect all devices that have Bluetooth on and then connects to those Bluetooth networks, which means if you leave your phone’s Bluetooth unprotected in public and someone with this virus walks by you, your phone now has Obad.a.

Once you have Obad.a, it also can control any Bluetooth device you use; for example, if you use a Bluetooth keyboard it can intercept your typing.  Or if you have a Bluetooth enabled camera, it can turn your camera on and send the images to a server without your permission.

It’s hidden.  Obad.a runs in the background of your phone so you may not know if you even have it.  It’s so well hidden that even the code it’s written in is intentionally confusing and difficult to decipher.  The confusing code makes it nearly impossible to delete.

It seeks out security weaknesses.  Once Obad.a is on your Android device it can “ping” or search for holes in your security system to exploit.  It does such a thorough job of finding security holes, experts warn that it’s found some holes that even Android didn’t know about.

It has full access to your phone.  It works like a thief that has full access to your phone and all of its functions. It can send texts and delete incoming texts without ever alerting you. It can send all of the data on your phone to a server and download files to your phone and run them without you knowing it.

Obad.a is the most sophisticated malware yet.  It is mostly popping up in Russia but is capable of traveling very fast and doing untold damage to your personal data.  Android is currently working to untie the knots in the code so that there is a comprehensive defense against Obad.a for Android users, but as of right now, it’s the biggest threat to everything you keep on your phone.

How Can You Protect Yourself From Obad or Other Trojans?

  • Turn off discover/visible-to-all mode or protect your Bluetooth with a security mode when out in public
  • Always use secure browsing when using public Wi-Fi
  • Be careful of downloading apps from unverified sources
  • Don’t open an email attachment if you don’t recognize the sender of the email
  • Make sure your security software is always up to date
  • Take advantage of McAfee Mobile Security – comprehensive protection against mobile device loss, viruses and web threats

For future updates, be sure to follow @McAfee and @McAfeeConsumer on Twitter.

Leave a Reply