Android malware threat getting real

Two pieces of Android facing malware have been spotted, one being the notorious Zeus Trojan.

Android 2

More threats targeting Google's Android operating system have been spotted by security researchers.

A version of the notorious Zeus Trojan has been spotted targeting Android, after cyber criminals managed to get the malware uploaded to the official Android Market hidden in an app.

The app disguised itself as a tool from security company Trusteer. Ironically, Trusteer chief executive (CEO) Mickey Boodaei this week said he expects one in every 20 Android mobiles and iPhones to be infected by financial malware and Trojans within the next 12 months.

However, according to Kaspersky Lab researcher Denis Maslennikov, the Android malware is "far more primitive" than the ZeuS-in-the-Mobile (ZitMo) threat targeting Symbian, Windows Mobile and BlackBerry smartphones.

It can only upload all incoming SMS messages to a remote web server, he explained.

Whilst the threat has been removed from the Android Market, it does not the threat is gone, Maslennikov said.

"The application has already been removed but, as it was in previous cases of malware in the Android Market, there are mirroring websites which save the information about all the programs approved by Google," he added in a blog post.

"So, now we have ZitMo targeting four platforms: Symbian, Windows Mobile, Blackberry and Android."

Infecting each other

BitDefender has also identified a new piece of Android malware, which spreads via self-advertising links unwittingly sent by users over two "clean" online video stream viewers available on the Android Market.

Users are prompted to send an SMS or an email to promote the viewers to contacts and friends. Users that do so will send on links, which point to a malicious app known as Android.Trojan.KuSaseSMS.

The actual app user isn't at threat here, it's their contacts and friends who are in danger of infecting their phone.

Once the app is installed, it not only sends six texts to a Chinese phone service number, it accesses an "alleged update link," which opens the user's phone up to yet more malicious code.

That additional code is similar to HippoSMS, which "is known to piggyback apparently legitimate applications available on alternative Android markets and to send SMS messages to premium rate numbers," BitDefender said.

"This could well be the first time that Android users are tricked into putting their friends at risk," said Catalin Cosoi, head of the BitDefender Online Threats Lab.

"By using their friends and contacts to effectively endorse the safety of the links, it's likely that a higher number of people will let their guard down and click through. I have to say this is a pretty ingenious way to spread malware, and we may well see more of this technique in future."

At the time of publication, Google had not responded to a request for more information on either threat.

Featured Resources

How to scale your organisation in the cloud

How to overcome common scaling challenges and choose the right scalable cloud service

Download now

The people factor: A critical ingredient for intelligent communications

How to improve communication within your business

Download now

Future of video conferencing

Optimising video conferencing features to achieve business goals

Download now

Improving cyber security for remote working

13 recommendations for security from any location

Download now

Recommended

Arizona legislators vote against exclusive app store payment systems
business apps

Arizona legislators vote against exclusive app store payment systems

4 Mar 2021
IT security awareness and training firm KnowBe4 acquires MediaPRO
Acquisition

IT security awareness and training firm KnowBe4 acquires MediaPRO

3 Mar 2021
High-risk email security threats increased by 32% last year
phishing

High-risk email security threats increased by 32% last year

3 Mar 2021
The top 12 password-cracking techniques used by hackers
Security

The top 12 password-cracking techniques used by hackers

3 Mar 2021

Most Popular

How to build a CMS with React and Google Sheets
content management system (CMS)

How to build a CMS with React and Google Sheets

24 Feb 2021
Microsoft Exchange targeted by China-linked hackers
zero-day exploit

Microsoft Exchange targeted by China-linked hackers

3 Mar 2021
How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

26 Feb 2021