News

Android SMS Trojan targets porn users

Warwick Ashford

Security researchers have discovered an Android Trojan that sends $6 text messages until the user's mobile phone account runs out of credit.

The malware is disguised as a porn media player, but is not available through the official Android Market app store.

Instead, cybercriminals are distributing it using sophisticated search engine optimisation (SEO) techniques, according to Denis Maslennikov, a security expert at Kaspersky Lab.

"Android users searching for pornography on their smart phones could be in for a costly surprise," he said in a blog post.

The user is prompted to allow the application to access certain parts of the operating system, but Android users should pay close attention to the services an application requests to access, said Denis Maslennikov.

"Automatically permitting a new application to access every service it requests means you could end up with malicious or unwanted applications doing all sorts of things without requesting any additional confirmation," he wrote.

The use of SEO to distribute the malware - dubbed Trojan-SMS.AndroidOS.FakePlayer.b - is a significant development, said Maslennikov.

"This confirms our belief that mobile malware, especially on Android devices, is a potentially lucrative business for malicious hackers," he wrote.

Maslennikov was part of the team of researchers that discovered the first text-based Trojan aimed at the Android operating system last month.

Trojan-SMS.AndroidOS.FakePlayer.a was disguised as a harmless media player application, but also sent text messages to premium rate numbers controlled by cyber criminals, who collect payments from victims' accounts.

The Trojan-SMS category is currently the most widespread class of malware for mobile phones, according to Kaspersky Lab.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy