Hackers hit Android with SMS malware

gallery

The first SMS Trojan targeting Android phones has been identified and has been sending out messages from victims' mobiles to premium rate numbers.

This Trojan-SMS breaks into Android phones via a specially-crafted media player application, which features the standard Android extension .APK, Kaspersky Lab claimed.

As soon as it is installed on the phone, the malware sends out SMS texts to premium rate services, with revenue from this landing in the hands of the cyber criminals.

“The IT market research and analysis organisation IDC has noted that those selling devices running Android are experiencing the highest growth in sales among smartphone manufacturers,” said Denis Maslennikov, mobile research group manager at Kaspersky Lab.

“As a result, we can expect to see a corresponding rise in the amount of malware targeting that platform.”

The security company is planning to roll out Kaspersky Mobile Security for Android in early 2011, Maslennikov added, and the Trojan-SMS.AndroidOS.FakePlayer.a has been logged on anti-virus databases.

A similar technique to this Android attack was seen earlier this year, but was targeting the Symbian OS.

Trend Micro discovered a malicious app running on the S60 platform that sent a message from the user’s device, although it was unsure why at the time.

Talking about the new Android Trojan, Trend Micro's advanced threats researcher, Ivan Macalintal, said: “This income-generating scheme is a low-hanging fruit for cyber criminals.”

“What makes it unique is the use of Android as the targeted platform and, with the increasing popularity and usage of Android, we can expect more malicious code served up in that alley,” he added in a blog post.

Email to a friend

Print this page