Malware spammers target Android OS

Google’s mobile operating system, Android, has been hit again by malicious malware causing devices to send out spam SMS messages

Google's mobile operating system (OS), Android, has been targeted again by malicious malware, which causes the device to send out spam SMS messages.

The infected malware, known as SpamSoldier, has been hiding in free versions of popular Android games, such as the chart-topping Angry Birds, according to security company, Cloudmark.

Android OS handsets that had installed the infected trojan would connect to a command and control (C&C) server, which then replies with a list of phone numbers and a message to deliver. The application would then send out thousands of spam messages to encourage people to download the same app by offering free apps and even gift cards.

The text messages offering gift cards stage an attempt at monetising the attack by tricking users into giving over personal information.

Andrew Conway, security research at Cloudmark, said this type of malicious mobile application was new, yet an unsophisticated attack. But he said this sort of attack changes the economics of SMS spam, because the spammer doesn't have to pay for the messages that are sent.

"Now that we know it can be done, we can expect to see more complex attacks that are harder to take down," he said.

The trojan mobile applications were downloaded from sites on a server in Hong Kong offering free games, not through the Google Play Store. 

The Google Play Store has suffered this year from a string of attacks.

In August, Google introduced stricter rules for applications on its Android mobile OS to reduce the number of malicious apps in the Google Play app market and improve its reputation.

Mobile operator, Orange, has announced it is to pre-install security software on most of its Android OS handsets in 2013.

Read more on Mobile apps and software

Join the conversation

1 comment

Send me notifications when other members comment.

Please create a username to comment.

As George mentions below, be careful reading this article! It does not give the whole truth - Angry birds, and all apps mentioned, are perfectly safe, if you get them from the Google Play store.

I'll say it again: if you use the Google Play store, this DOES NOT AFFECT you!

If you like to get 'free' (pirated) versions of games, rather than paying for them, then this is squarely aimed at you. This doesn't just go for Android - as a rule, if you pirate software on any platform, EXPECT PAIN. Expect viruses and malware.

If you stick to legitimate routes (Google's Play store), then you will be safe. But regardless of where you get your apps from, if you are worried, check out the developer, and check the reviews.