1 Star2 Stars3 Stars4 Stars5 Stars (Rate This)
Loading...

A local outbreak of a mobile trojan in Russia has shown us something new: The Android operating system might need an antivirus.On Tuesday several mobile security companies were analyzing a Trojan horse that appeared on phones running Google’s Android software in Russia….

The malicious software, which was discovered by Kaspersky Lab, an antivirus software company, is said to take advantage of Android phones after users install what appears to be a “harmless media player.” Once the file is installed the Trojan horse begins sending text messages to premium-rate phone numbers “without the owner’s knowledge or consent, resulting in money passing from a user’s account to that of the cybercriminals.”

The malware was detected by security firm Kaspersky, who confirmed the file is named “Trojan-SMS.AndroidOS.FakePlayer.a” and is downloaded as a typical .APK Android app. The company stated this is the first known Android-specific trojan.

The malware works by posing as a media player app. Once the app is installed on the mobile device, the trojan begins to send SMS messages to premium rate numbers without the device owner’s knowledge. Since the trojan’s creators are usually the ones on the other end of those premium numbers, they end up profiting from the scam.

Security experts also noted that the infected application was not available in the Android Marketplace, the store used to download applications for the Android platform. Phone owners must explicitly change a setting on their phone to permit the installation of non-Marketplace applications.

This SMS-based type of malware is currently one of the most common forms of mobile viruses. SMS trojans have been around for years on mobile phones, even predating the smartphones we all know and love. The first mobile SMS virus appeared in 2004, and the first-ever Android malware (isolated incidents of spyware) popped up in 2009.Kaspersky Lab is currently working on Android-specific antivirus technologies; the company plans to release Kaspersky Mobile Security for Android early next year. Other antivirus apps are available in the Android Market; in the past, such applications were thought unnecessary.

However, as this platform continues to experience meteoric growth, even outselling iPhones in the first half of this year, more criminals will be attracted to the money-making capabilities of Android viruses. We hope that Google and device carriers and manufacturers will think about security and antivirus options when planning on-board apps for future OS updates.

The trojan “media player” that’s causing concern today isn’t available in the Android Market. Rather, it is “being distributed from a malicious website,” according to Kaspersky researcher Denis Maslennikov. “You have to click it manually, there is no drive-by download. If you try to install it, the smartphone will ask you to grant permission for the application to send SMS messages, read or delete data from SD and collect the data about the phone and phone ID.”

As always, be aware of what you download, especially if you’re downloading apps outside the Android Market. Kapersky recommends you pay particular attention to the “permission slip” list of hardware or software an application accesses. These lists are available for every Market and non-Market Android app. If the app needs to make premium-rate SMS or phone calls, you might want to think twice before downloading and installing it.

Jay Nancarrow, a Google spokesman, said Android applications must get permission from the user before doing things like sending text messages or making phone calls.“We consistently advise users to only install apps they trust,” Mr. Nancarrow said in a statement. “In particular, users should exercise caution when installing applications outside of Android Market.”

Reader Jon Oberheide emailed us to say he’d gotten a copy of the trojan and dissected its code. On his personal blog, Oberheide writes that the malware “appears to be hastily built off of the HelloWorld example program distributed in the Android SDK.” When the user first tries to run the app, he will be told to wait for the media player to find the video library. During this time, the device will send a string of numbers to an SMS shortcode three times. After those three messages are sent, the program won’t run again. As Oberheide concludes, “It would be unwise for the trojan to continually barrage the premium SMS number with additional messages from the same user as it would likely raise more red flags.”

Resources :mashable.com,bits.blogs.nytimes.com


Gartner and IDC agree the Android

IE 9 Beta launching September 15th
You can also press the left/right arrow key on your keyboard to go to previous/next post
  On August 12, 2010(6 years, 1 month ago.)

You May Also Like:

What Do You Think?

Leave a Reply




Loading Facebook Comments ...

FTC Disclosure: Some of the links of this website are "affiliate links." This means if you click on the link and purchase the item, we will receive an affiliate commission.


Recent Search

Recent Tutorials

There is a high-risk XSS Vulnerability in W3 Total Cache, and we have got the guide to the fix for you.
Check out this tutorial to know how to install Apple watchOS 3 beta certificate on your Apple Watch and start enjoying the new version.
If you are trying to jailbreak iPhone, iPad or iPod on iOS 9.2 - 9.3.3 without using a computer or Apple ID, then check this video tutorial.
Pokemon Go users are complaining about the crashing and server issues. Check out the tutorial to solve error problems and thanks us later.
Turning off Wi-Fi Assist is a great way to save mobile data since it automatically starts using cellular data when Wi-Fi signal is poor .
If you want to secure your SIM card from others using it, then check out this tutorial to know how to set up the SIM Pin code on your iPhone.
CiderTV is a great alternative to control Apple TV from the Notification Center. Check out this tutorial to set up CiderTV on your iPhone.
Are you annoyed by the split screen mode on the iPhone 6 Plus or 6s Plus? Check out this quick tutorial to turn off split screen feature.
If you could not wait to installed the iOS 10 beta version on you iPhone and now struggling for the errors, then this tutorial is for you.
Siri might not understand the question you asked. But you can use Siri by editing the text that you asked & it will give an updated answer.
Close You Have To Login
User:
Pass:
Login With »Login With TwitterLogin With Facebook