TechTarget

Android SMS Trojan targets porn users

Security researchers have discovered an Android Trojan that sends $6 text messages until the user's mobile phone account runs out of credit.

Security researchers have discovered an Android Trojan that sends $6 text messages until the user's mobile phone account runs out of credit.

The malware is disguised as a porn media player, but is not available through the official Android Market app store.

Instead, cybercriminals are distributing it using sophisticated search engine optimisation (SEO) techniques, according to Denis Maslennikov, a security expert at Kaspersky Lab.

"Android users searching for pornography on their smart phones could be in for a costly surprise," he said in a blog post.

The user is prompted to allow the application to access certain parts of the operating system, but Android users should pay close attention to the services an application requests to access, said Denis Maslennikov.

"Automatically permitting a new application to access every service it requests means you could end up with malicious or unwanted applications doing all sorts of things without requesting any additional confirmation," he wrote.

The use of SEO to distribute the malware - dubbed Trojan-SMS.AndroidOS.FakePlayer.b - is a significant development, said Maslennikov.

"This confirms our belief that mobile malware, especially on Android devices, is a potentially lucrative business for malicious hackers," he wrote.

Maslennikov was part of the team of researchers that discovered the first text-based Trojan aimed at the Android operating system last month.

Trojan-SMS.AndroidOS.FakePlayer.a was disguised as a harmless media player application, but also sent text messages to premium rate numbers controlled by cyber criminals, who collect payments from victims' accounts.

The Trojan-SMS category is currently the most widespread class of malware for mobile phones, according to Kaspersky Lab.

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close