Malicious Android app taps user contacts

Another malicious Android app is spotted - this time texting all user contacts and taking phone data.

Mobile threat

A malicious Android app, impersonating a legitimate application, has been spotted texting all contacts from users' phonebooks.

Once downloaded, the purported copy of Incorporateapps' Walk and Text app, which contains none of the functionality of the original, took phone data and sent texts, which were charged to the sender.

Data targeted by the malicious app, which Android owners could have downloaded from a variety of forums and file sharing sites, included phone numbers and IMEI codes.

The Trojanised app also recommended users installed the legitimate version of the application and even forwarded them to the official Android Market page, begging the question who was behind the fake app.

"One possibility is that it was a fan of Incorporateapps applications who attempted to protect the company from piracy," said Vanja Svajcer, principal virus researcher at SophosLabs, on a blog.

"Another possibility is that it was somebody who wanted to damage the company's reputation so that it appears that they stand behind the attack. The jury on that one is still out there."

The mobile security space could be set for an explosion in activity this year.

Despite attacks being low in quantity compared to PCs, McAfee claimed it saw a spike in mobile security threats in 2010.

The number of pieces of new mobile malware the firm found in 2010 rose 46 per cent over 2009.

As hackers often go for the lowest hanging fruit, Android owners may want to be particularly wary, given research this week indicated the platform was now more popular than Apple's iOS.

Featured Resources

BCDR buyer's guide for MSPs

How to choose a business continuity and disaster recovery solution

Download now

The definitive guide to IT security

Protecting your MSP and your customers

Download now

Cost of a data breach report 2020

Find out what factors help mitigate breach costs

Download now

The complete guide to changing your phone system provider

Optimise your phone system for better business results

Download now

Recommended

Defense Dept. expands vulnerability disclosure program to all publicly accessible defense systems
ethical hacking

Defense Dept. expands vulnerability disclosure program to all publicly accessible defense systems

5 May 2021
Security researchers take control of a Tesla via drone
ethical hacking

Security researchers take control of a Tesla via drone

5 May 2021
Best free malware removal tools 2021
Security

Best free malware removal tools 2021

5 May 2021
Acuant acquires identity verification provider Hello Soda
mergers and acquisitions

Acuant acquires identity verification provider Hello Soda

4 May 2021

Most Popular

16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

29 Apr 2021
How to move Windows 10 from your old hard drive to SSD
operating systems

How to move Windows 10 from your old hard drive to SSD

30 Apr 2021
Dell patches vulnerability affecting hundreds of computer models worldwide
cyber security

Dell patches vulnerability affecting hundreds of computer models worldwide

5 May 2021