- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
New Android Malware Texts Premium-rate Numbers
Wed Aug 11, 5:50 am ET
Researchers at Russian security company Kaspersky Lab say they've discovered
the first malicious software program to target Google's Android mobile
operating system.
The application masquerades as a media player, according to a Kaspersky blog
post. But if it is installed, the rogue application begins secretly sending
SMSes (Short Message Service) to a premium rate number presumably belonging
to the hackers who created it.
There have been isolated cases of spyware programs that run on the Android
platform, an open-source mobile operating system created by Google. But the
fake media player application, which Kaspersky dubbed
"Trojan-SMS.AndroidOS.FakePlayer.a," is the first one believed to
specifically target Android, Kaspersky said.
"Kaspersky Lab recommends that users pay close attention to the services
that an application requests access to when it is being installed," the
company said. "That includes access to premium rate services that charge to
send SMSes and make calls."
The application is simply called "Movie Player," according to Lookout, a
company that makes mobile phone security and management software. The
malware does apparently warn users they may be charged for SMSes if they
install it. The SMSes costs "several dollars," Lookout's blog said.
Lookout suggested that Android users check the permissions of the media
player applications and revoke any that mention charging for SMSes. The
malware may not spread far, however, for a couple of reasons. "So far this
has only affected Android smartphone users in Russia and only works on
Russian networks," Lookout said. "As far as we know, there is no indication
that this app is in the Android Market."
Google said in a statement that users see a screen after downloading an
application that explains what information and system resources that
application can access, such as their phone number or the SMS function.
"Users must explicitly approve this access in order to continue with the
installation, and they may uninstall applications at any time," Google said.
"We consistently advise users to only install apps they trust. In
particular, users should exercise caution when installing applications
outside of Android Market."
As another defense against this malware, users can set their phone to only
download applications that are in the Android Market Mobile devices have not
been afflicted by malicious software to the extent of desktop OSes such as
Windows, but security analysts have said they expect that to change as
smartphones become more widely used and gain more capabilities.
Last year, Trend Micro analyzed a piece of mobile malware known as "Sexy
Space," which ran on Symbian S60 OS devices. Infected phones would send
SMSes to everyone in the phone's contact list with a link to a website. If
someone clicked the link, they would then be prompted to install Sexy View,
which purported to offer pornography-related content.
In 2005, the Symbian Series 60 OS was targeted by Comwar, a worm that spread
via Bluetooth and MMS (Multimedia Messaging Service). The first for-profit
mobile malware, Redbrowser, was discovered in 2006.
Redbrowser used a social-engineering ploy written in Russian to lure users
to manually install it, which limited the rate at which it spread. The
malware sent SMSes to a phone number that charged around US$6 per message,
targeting even lower-end mobile devices running the J2ME (Java 2 Mobile
Edition) software, which at the time ran on some 1 billion devices from
vendors such as Nokia, Motorola and Research in Motion.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I guess that is another good reason to get Lookout Security on your phone!
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
How do I get rid of the hackers
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
That's a bit vague. How do you know you have a hacker or are you asking how to avoid? Too broad.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Make sure you watch what you install, what permissions it asks for and install something to scan and protect from viruses such as, VZ Protect, Avast, Lookout Security, or other program.