300,000 Smartphones are Infected with Trojan SMS malware - BestCyberNews: Online News Presenter in the present world

BestCyberNews: Online News Presenter in the present world

Start knowing

test banner

Breaking

300,000 Smartphones are Infected with Trojan SMS malware

According to the security researchers at Panda Labs, a new type of Trojan Android apps have infected at least 300,000 smartphones and tablets.


This is not the first time that all kind of malware has been able to go through the different filters and being published. However, I think this is a different case and it might stay in Google Play for long.

The apps reportedly infect users' handsets via a bogus permissions notification, which when agreed to instigates a complex process that forces the victim to send text messages to a premium-rate number owned by the hackers.

"Without the user's knowledge the app will get the phone number of the device, will go to a website and will register it to a premium SMS service. This service requires a confirmation to be activated, which means it sends an SMS to that number with a PIN code,"

"This app waits for that specific message, once it arrives it intercepts its arrival, parses it, takes the PIN number and confirms your interest in the service. Then it removes it, no notification is shown in the terminal and the SMS is not shown anywhere. Again, all this is done without the user's knowledge."

According to Google Play this app has between 50,000 and 100,000 downloads. The other ones I mentioned do exactly the same. If we add the downloads of all 4 apps, there are between 300,000 and 1,200,000 downloads of all of them. 

2 were published in December 2013 and the other 2 in January 2014, so that number of downloads is pretty impressive. Taking a look at the comments made by some users, a number of them are installing it because they are given tokens / credits in some games by installing these fraudulent apps.


Panda Mobile Security detects this threat, but that is not a big deal: tomorrow we could find hundreds of apps with the same behavior that would not be detected by any antivirus product. 

I would suggest you to please always read the permissions needed to install each application and if among them it is the one letting the app read your SMS and connect to Internet and it is not really needed, do not install it.



Author Venkatesh Yalagandula Follow us Google + and Facebook and Twitter

No comments:

Post a Comment