Your browser is obsolete!

The page may not load correctly.

Free trial
Dr.Web for Android

Defend what you create

Other Resources

Close

Library
My library

+ Add to library

Contact us
24/7 Tech support

Send a message

Call us

+7 (495) 789-45-86

Forum
Profile

Back to news

Origins Tracing™ against Android.SmsSend

22 August 2011

Doctor Web—the leading Russian anti-virus vendor—successfully implements its Origins Tracing™ technology to eliminate threats to Android. This unique technology significantly reduces virus databases size at no cost to the protection quality—a very important feature for mobile devices.

The conventional detection technique requires a unique signature for each malicious file, so an anti-virus can recognize such a file. Consequently, the size of a database containing such signatures increases when new entries are added. Meanwhile, to avoid detection virus makers often recompile malicious files or alter the source code insignificantly. So the malicious payload remains the same but the signature of such a malicious program will differ from the one present in the virus database and an anti-virus may fail to detect such malware.

Origins Tracing™ from Doctor Web works differently. A special file describing the behaviour pattern is created for each malicious program added into the database. One such an entry is enough for an entire family of malicious applications to be recognized by the anti-virus, which ensures prompt detection of new variants of one program and significantly reduces the size of virus databases.

Origins Tracing™ is a unique technology created by Doctor Web. It has been used in Dr.Web products for desktops for several years and has recently been incorporated into the new versions of Dr.Web for Android Anti-virus&Anti-spam and Dr.Web for Android Light. Yet with Origins Tracing™ these software products successfully neutralize Android.SmsSend Trojan horses. This type of malignant software offers users to send paid SMS to install free applications, such as the browser Opera Mini. Once this Trojan horse has been added as Android.SmsSend.47 into the Origins Tracing™ databases, virus writers have tried repeatedly to change the source code of the program, hoping to bypass the anti-virus defence, but it has not brought any results. Each new version is successfully detected by the anti-virus software automatically. It should be noted that in the near future the list of malignant programs for Android, detected with Origins Tracing™, will be expanded.

Tell us what you think

You will be awarded one Dr.Webling per comment. To ask Doctor Web’s site administration about a news item, enter @admin at the beginning of your comment. If your question is for the author of one of the comments, put @ before their names.


Other comments

The Russian developer of Dr.Web anti-viruses

Doctor Web has been developing anti-virus software since 1992

Dr.Web is trusted by users around the world in 200+ countries

The company has delivered an anti-virus as a service since 2007

24/7 tech support

© Doctor Web
2003 — 2017

Doctor Web is the Russian developer of Dr.Web anti-virus software. Dr.Web anti-virus software has been developed since 1992.

2-12А, 3rd street Yamskogo polya, Moscow, Russia, 125040