IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Android malware threat getting real

Two pieces of Android facing malware have been spotted, one being the notorious Zeus Trojan.

Android 2

More threats targeting Google's Android operating system have been spotted by security researchers.

A version of the notorious Zeus Trojan has been spotted targeting Android, after cyber criminals managed to get the malware uploaded to the official Android Market hidden in an app.

The app disguised itself as a tool from security company Trusteer. Ironically, Trusteer chief executive (CEO) Mickey Boodaei this week said he expects one in every 20 Android mobiles and iPhones to be infected by financial malware and Trojans within the next 12 months.

However, according to Kaspersky Lab researcher Denis Maslennikov, the Android malware is "far more primitive" than the ZeuS-in-the-Mobile (ZitMo) threat targeting Symbian, Windows Mobile and BlackBerry smartphones.

It can only upload all incoming SMS messages to a remote web server, he explained.

Whilst the threat has been removed from the Android Market, it does not the threat is gone, Maslennikov said.

"The application has already been removed but, as it was in previous cases of malware in the Android Market, there are mirroring websites which save the information about all the programs approved by Google," he added in a blog post.

"So, now we have ZitMo targeting four platforms: Symbian, Windows Mobile, Blackberry and Android."

Infecting each other

BitDefender has also identified a new piece of Android malware, which spreads via self-advertising links unwittingly sent by users over two "clean" online video stream viewers available on the Android Market.

Users are prompted to send an SMS or an email to promote the viewers to contacts and friends. Users that do so will send on links, which point to a malicious app known as Android.Trojan.KuSaseSMS.

The actual app user isn't at threat here, it's their contacts and friends who are in danger of infecting their phone.

Once the app is installed, it not only sends six texts to a Chinese phone service number, it accesses an "alleged update link," which opens the user's phone up to yet more malicious code.

That additional code is similar to HippoSMS, which "is known to piggyback apparently legitimate applications available on alternative Android markets and to send SMS messages to premium rate numbers," BitDefender said.

"This could well be the first time that Android users are tricked into putting their friends at risk," said Catalin Cosoi, head of the BitDefender Online Threats Lab.

"By using their friends and contacts to effectively endorse the safety of the links, it's likely that a higher number of people will let their guard down and click through. I have to say this is a pretty ingenious way to spread malware, and we may well see more of this technique in future."

At the time of publication, Google had not responded to a request for more information on either threat.

Featured Resources

The state of Salesforce: Future of business

Three articles that look forward into the changing state of Salesforce and the future of business

Free Download

The mighty struggle to migrate SAP to the cloud may be over

A simplified and unified approach to delivering Enterprise Transformation in the cloud

Free Download

The business value of the transformative mainframe

Modernising on the mainframe

Free Download

The Total Economic Impact™ Of IBM FlashSystem

Cost savings and business benefits enabled by FlashSystem

Free Download

Recommended

Google urges Apple to embrace RCS as standard, ditch SMS for Android texts
Mobile

Google urges Apple to embrace RCS as standard, ditch SMS for Android texts

10 Aug 2022
Google reveals new office in Atlanta and $1 million in funding for local communities
Careers & training

Google reveals new office in Atlanta and $1 million in funding for local communities

28 Jul 2022
Hackers hiding malicious links in top Google search results, researchers warn
malware

Hackers hiding malicious links in top Google search results, researchers warn

21 Jul 2022
Gmail vs Outlook.com: Which one is better?
email providers

Gmail vs Outlook.com: Which one is better?

13 Jul 2022

Most Popular

Cyber attack on software supplier causes "major outage" across the NHS
cyber attacks

Cyber attack on software supplier causes "major outage" across the NHS

8 Aug 2022
Why convenience is the biggest threat to your security
Sponsored

Why convenience is the biggest threat to your security

8 Aug 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

29 Jul 2022