Android growth spurs new mobile malware, SMS Trojan discovered - Techist - Tech Forum

Go Back   Techist - Tech Forum > Computer Technology > Phones, Tablets, and other Handheld Devices
Click Here to Login
Closed Thread
 
Thread Tools Display Modes
 
Old 08-10-2010, 08:35 PM   #1 (permalink)
Call me Mak or K
Mod Emeritus
 
KSoD's Avatar
 
Join Date: Sep 2004
Location: C:\
Posts: 35,645
Default Android growth spurs new mobile malware, SMS Trojan discovered

Security researchers at Kaspersky Lab announced the first malware for the Android operating system to be classified as a Trojan-SMS, the most widespread type of malware on mobile phones.
The malware is disguised as a media player application with the standard Android .APK file extension. When the 13KB file is installed, the mobile device will start to send SMS messages to premium numbers which incur charges on the user's account.
Because Android is growing at such an explosive rate, and users are storing an increasing amount of important data on their mobile phones, the platform is an attractive one for renegade application makers.
"We can expect to see a corresponding rise in the amount of malware targeting [Android]," Denis Maslennikov, Mobile Research Group Manager at Kaspersky Lab said in a blog posting Monday. "Kaspersky Lab is actively developing technologies and solutions to protect this operating system and plans to release Kaspersky Mobile Security for Android in early 2011."
The company has profiled the malware as "Trojan-SMS.AndroidOS.FakePlayer.a"


Source
__________________

__________________
I do not accept support questions via EMail, PM, IM or my G+ page!

Phone: LG Optimus G Pro
Running: Stock JB from LG with Nova Launcher

KSoD is offline  
Old 08-11-2010, 07:25 PM   #2 (permalink)
Banned
 
Join Date: May 2010
Posts: 540
Default Re: Android growth spurs new mobile malware, SMS Trojan discovered

Wow I thought it was linux based so it would have better security. Oh well I guess you can't be too careful. Thanks for the heads up on this.
__________________

__________________
remixedcat is offline  
Old 08-11-2010, 10:10 PM   #3 (permalink)
Mod Emeritus
 
Puddle Jumper's Avatar
 
Join Date: Oct 2007
Posts: 4,286
Default Re: Android growth spurs new mobile malware, SMS Trojan discovered

Quote:
Malware stops its fraud after one run to avoid raising suspicion

Some Android users have found themselves the victim of perhaps the first full-fledged Trojan to hit the system. Our story on the trojan yesterday drew a great deal of attention, so we decided to dig into this one a bit deeper.

A reader -- Jon Oberheimer -- founder of security startup Scio Security and Ph.D candidate at the University of Michigan, writes us that he obtained the dreaded Android trojan, disassembled it, and posted an analysis in gory detail.

From his results it's readily apparent that the effort is amateurish, but slightly clever. The program bears a great deal of similarity to the "HelloWorld" tutorial hosted by Google for aspiring developers. It even prints a string "Hello Android from NetBeans".

When the MoviePlayer activity of the app fires up, it triggers the app's onCreate event. This event checks an SQLite database with a single table and column to see if a string "was" was previously written. Here comes the (sort of) clever part -- on the malware's first run, after accomplishing its ill objectives it writes the string to the database. That way on subsequent runs, the string is detected and the program merely exits without continuing the attack. By doing as such, it's able to keep a low profile and its evil actions might escape notice.

Returning to the actions themselves, assuming it's the first time the app has been run, the app tries to broadcast an SMS text message to premium Russian text numbers -- "3353" and "3354" with a numeric message. Meanwhile it displays to the user Russian text that translates to "Wait, seeking access to video library..."

What's more, as Mr. Oberheimer aptly points out, the premium texts should only go through in Russia. U.S. users likely won't incur toll charges from the attack. Of course similar trojans could be employed in the U.S. in the near future, so beware.

Also, the user has to physically download, install, and approve the permissions on the app. This much relies on the Russian tricksters advertising the app as a "media player". A number of people (in Russia) reportedly did fall for this, completing these steps. The final step is that the users have to open (run) the application. Again, a number of users apparently fell for this.

Basically the only mistake Google made in this case, in terms of security, was overestimating users' ability to handle their own security policies. Most Android users are in the U.S. and China (less than 1 percent are in Russia), so fortunately in this case a minimal number of people appear to have been affected by their membership in the security-ignorant masses.

From this information, it's clear that the threat to savvy American users (or international ones) is minimal. Just be sure not to install strange apps. And if you suspect that an app may not be what it purports to be, notify Google and your carrier immediately, so you can be refunded in the case of malicious activity.

Android isn't the only platform to be hit by similar schemes. Owners of jailbroken iPhones have been hit by worms in the past -- some mere pranks, others malicious.
Source: DailyTech - Android Trojan Proves Amateurish But a Little Clever

Going by that article it doesn't sound like it's a particularly dangerous Trojan although the fact that we are starting to see malware target phones like this is certainly cause for concern.
__________________

AMD Phenom II x4 955 Black Edition : Asus M4A89GTD PRO : Corsair 550VX
G.SKILL Ripjaws 4x2gb DDR3 1600 : MSI Geforce GTX 770 2gb : Antec 300
OCZ Agility 2 60gb SSD (OS) : SanDisk Ultra 120gb SSD (Apps) : Crucial M500 240gb (Steam) : Win 8.1 Pro 64bit
2x Samsung 2494LW & 1x Dell U2312HM Eyefinity

Lenovo ThinkPad X220 : Core i5 2410M : 12.5" 1366x768 IPS LED display : Intel 320 Series 120gb SSD

Samsung Galaxy Note 3 stock 4.3 : Nexus 7 2 stock 4.4

Puddle Jumper is offline  
Old 08-21-2010, 09:52 AM   #4 (permalink)
Lord Techie
 
hikaricloud's Avatar
 
Join Date: Jul 2005
Location: USA
Posts: 6,220
Default Re: Android growth spurs new mobile malware, SMS Trojan discovered

Quote:
Originally Posted by Mak213 View Post
Security researchers at Kaspersky Lab announced the first malware for the Android operating system to be classified as a Trojan-SMS, the most widespread type of malware on mobile phones.
The malware is disguised as a media player application with the standard Android .APK file extension. When the 13KB file is installed, the mobile device will start to send SMS messages to premium numbers which incur charges on the user's account.
Because Android is growing at such an explosive rate, and users are storing an increasing amount of important data on their mobile phones, the platform is an attractive one for renegade application makers.
"We can expect to see a corresponding rise in the amount of malware targeting [Android]," Denis Maslennikov, Mobile Research Group Manager at Kaspersky Lab said in a blog posting Monday. "Kaspersky Lab is actively developing technologies and solutions to protect this operating system and plans to release Kaspersky Mobile Security for Android in early 2011."
The company has profiled the malware as "Trojan-SMS.AndroidOS.FakePlayer.a"


Source
Hmmmm...wonder if Kapersky developed this just to sell a mobile antivirus software...hmmmmm.
__________________
R.I.P. Ronald C. "Bucky" Buck
3/13/1949 - 11/30/2010
Poizen22 - in all honesty id prefetr my pics get passed around then send perform some homo erotic sexual deed.
thirdshiftdj - what on earth are you trying to say???
I do not accept support questions via EMail, PM or IM.
If I helped you out, or what I just said rocked you like a hurricane, hit the little thingie over there.
<-------------------------------
hikaricloud is offline  
Old 08-30-2010, 07:35 PM   #5 (permalink)
Camera junky
 
Poizen22's Avatar
 
Join Date: Jul 2006
Location: ottawa ontario canada.
Posts: 6,283
Default Re: Android growth spurs new mobile malware, SMS Trojan discovered

lol anything open source is more likely to suffer security leaks. everyone has access to it and can develop things for it if they so choose. so security on things like android and Linux is less secure then things like osx and windows. the thing with Linux is the user base has not gone mainstream yet and is not being backed by a large corporation so it isn't often targeted for things like a virus. now with android, it is backed by Google one of the largest company's on the planet and android is huge it is very very very popular OS, mix that with the fact that it is open source and anyone can develop apps for it, that means anyone can develop a virus for it. that is the downfall of open source. once it becomes big enough and if it is backed by a large corp it is a prime target for any computer hacker or malware writer.
__________________

https://www.flickr.com/photos/poizen22/
intel Core I7 8700k@ 5.0ghz-Nvidia GTX1080 ti ftw3-Aorus 5 z370 mobo-16gb ddr4 G-Skill trident Z rgb 3000mhz - 1tb samsung 960 pro, 2tb wd blue- thermaltake rgb 750w gold-Phanteks pro M TG- Samsung CHG70 1440p 144hz 32 inch QLED.
Poizen22 is offline  
Closed Thread

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
T-Mobile. Android. What do you suggest? Jayce Phones, Tablets, and other Handheld Devices 16 06-11-2010 04:59 PM
Download Mozilla Firefox Browser for Google Android Mobile Phones Osiris Phones, Tablets, and other Handheld Devices 0 05-21-2010 12:13 PM
Security Flaw Uncovered in Google Android Mobile Software Osiris Phones, Tablets, and other Handheld Devices 1 10-25-2008 11:14 PM
T-Mobile G1 First Google Android Phone Osiris Phones, Tablets, and other Handheld Devices 8 10-04-2008 03:51 PM
Apple Growth Will Draw Malware Attacks Osiris Apple and Mac 0 01-21-2008 10:34 AM



Copyright 2002- Social Knowledge, LLC All Rights Reserved.

All times are GMT -5. The time now is 01:27 AM.


Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2019, vBulletin Solutions, Inc.