The Android.Arspam Trojan made its way into Android-based devices through a fake copy of a popular Islamic compass app available on the Android Market. Though the real version of the app is still safe. So, when a user installs the fake app, the Arspam code which is embedded in the fake copy activates itself working in the background as a service called alArabiyyah. The Trojan then randomly picks one link from a list of eighteen and then sends an SMS message to every contact in the address book of the hacked device, sending them a link to a forum site. According to Symantec, every link to a forum site points to identical content, which seems to be a tribute to Mohamed Bouaziz.
