The Lookout researchers have name the trojan as DeathRing because the trojan is disguised as a ringtone App.
The malware is activated in two ways both dependent on the victims use of the phone.
First, the malware will activate if the phone is powered down and rebooted five times.
On the fifth reboot, the malware starts.
The DeathRing seems to come pre-loaded only in clones and low end Android smartphones as per the Lookout study.
Lookout says as a buyer, you should check the origins of the smartphones while buying.
source: www.techworm.net
