Android malware threat getting real

Two pieces of Android facing malware have been spotted, one being the notorious Zeus Trojan.

Android 2

More threats targeting Google's Android operating system have been spotted by security researchers.

A version of the notorious Zeus Trojan has been spotted targeting Android, after cyber criminals managed to get the malware uploaded to the official Android Market hidden in an app.

The app disguised itself as a tool from security company Trusteer. Ironically, Trusteer chief executive (CEO) Mickey Boodaei this week said he expects one in every 20 Android mobiles and iPhones to be infected by financial malware and Trojans within the next 12 months.

Advertisement - Article continues below

However, according to Kaspersky Lab researcher Denis Maslennikov, the Android malware is "far more primitive" than the ZeuS-in-the-Mobile (ZitMo) threat targeting Symbian, Windows Mobile and BlackBerry smartphones.

It can only upload all incoming SMS messages to a remote web server, he explained.

Whilst the threat has been removed from the Android Market, it does not the threat is gone, Maslennikov said.

"The application has already been removed but, as it was in previous cases of malware in the Android Market, there are mirroring websites which save the information about all the programs approved by Google," he added in a blog post.

"So, now we have ZitMo targeting four platforms: Symbian, Windows Mobile, Blackberry and Android."

Advertisement - Article continues below

Infecting each other

BitDefender has also identified a new piece of Android malware, which spreads via self-advertising links unwittingly sent by users over two "clean" online video stream viewers available on the Android Market.

Advertisement - Article continues below

Users are prompted to send an SMS or an email to promote the viewers to contacts and friends. Users that do so will send on links, which point to a malicious app known as Android.Trojan.KuSaseSMS.

The actual app user isn't at threat here, it's their contacts and friends who are in danger of infecting their phone.

Once the app is installed, it not only sends six texts to a Chinese phone service number, it accesses an "alleged update link," which opens the user's phone up to yet more malicious code.

That additional code is similar to HippoSMS, which "is known to piggyback apparently legitimate applications available on alternative Android markets and to send SMS messages to premium rate numbers," BitDefender said.

"This could well be the first time that Android users are tricked into putting their friends at risk," said Catalin Cosoi, head of the BitDefender Online Threats Lab.

"By using their friends and contacts to effectively endorse the safety of the links, it's likely that a higher number of people will let their guard down and click through. I have to say this is a pretty ingenious way to spread malware, and we may well see more of this technique in future."

At the time of publication, Google had not responded to a request for more information on either threat.

Featured Resources

The case for a marketing content hub

Transform your digital marketing to deliver customer expectations

Download now

Fast, flexible and compliant e-signatures for global businesses

Be at the forefront of digital transformation with electronic signatures

Download now

Why CEOS should care about the move to SAP S/4HANA

And how they can accelerate business value

Download now

IT faces new security challenges in the wake of COVID-19

Beat the crisis by learning how to secure your network

Download now


Google Android

Arizona files lawsuit against Google for illegally tracking Android users’ locations

29 May 2020

K2View innovates in data management with new encryption patent

28 May 2020
email providers

Gmail introduces new features to makes personalizing your inbox easier

28 May 2020
Google Android

Google Assistant can now verify payments using your voice

27 May 2020

Most Popular

Microsoft Windows

Microsoft warns users not to install Windows 10's May update

28 May 2020
cyber security

Microsoft bans Trend Micro driver from Windows 10 for "cheating" hardware tests

27 May 2020
data protection

NHS yet to understand risks of holding Test and Trace data for 20 years

29 May 2020