RSS FeedMobile & Wireless
SMS trojans rife on Russian Android phones

SMS trojans rife on Russian Android phones

Scammers extract cash with paid text messages

By | PC World | Published 12:30,

Kaspersky Labs first announced its detection of what appeared to be the first of several SMS Trojans on Google's Android operating system on August 9th. The application released in Russian markets outside of Google's Android Market, was disguised as a media player. Once installed, the code would send 3 premium SMS messages, effectively transferring the US equivalent of ~$18 from the user to the recipient company.

On Wednesday, Kaspersky Labs expert Denis Maslennikov revealed a new Trojan very similar to the first. Again targeting Russian users, this app is disguised as a pornographic media player. What is interesting is not the recurrence of the premium SMS dialling (sending an SMS to a pay service, such as donation codes for the Red Cross, or ringtone services advertised on television), but the method in which installing the app is brought to users attention.

Also in this channel
Related Articles

 

Virtualisation, Big Data and BYOD

Check out our Business IT Hub for opinions and briefings. Read more

The authors of this particular trojan use a tactic known as search engine poisoning to spread the malware. That is, they crafted websites specifically to appear near the top of search results for certain search queries. By placing malicious websites at the top of search results, mobile users who are by nature looking for fast easy results are more likely to click through without due diligence of ensuring the top hits are safe. This has been a common theme of PC-based malware and is now a lucrative trend in the mobile domain for an increasingly popular platform.

When the trojan is installed, it'll ask you to access Android's messaging system. If you deny it, the malicious portion of the code will not be allowed to function. It's a lesson in both trusting your application sources, and paying attention to mandatory security prompts for sure.

Remember that once you have given permission to an application, it rarely if ever will need to request permission again. The simple media browser in this case can wantonly send SMS messages whenever it is active, and you will be none the wiser, till you see the bill.

Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

HP Business Answers

Join the discussion today

The HP Business Answers group is a vibrant community of small and medium sized business owners and employees. HP provides independent and expert advice in fields such as design, branding, taxation, technology, marketing or manufacturing so join today to network with over 6500 like-minded professionals.

Join the HP Business Answers Linkedin Community

Read the most recent discussions

Read more at the HP Business Answers Linkedin Community

ComputerWorldUK Resources

ComputerworldUK
Share
x
Open
* *