Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Android Malware Propogates Using SMS or E-Mail

BitDefender UK : 14 July, 2011  (Technical Article)
Video share link on Android phones spreads new trojan to contacts through SMS or E-mail with link to malicious app
Android Malware Propogates Using SMS or E-Mail

BitDefender has announced the discovery of a new piece of Android malware, identified as Android.Trojan.KuSaseSMS. This mobile threat propagates by means of self-advertising links sent by unwary users via two clean online video stream viewers available on the Google Android Market, cleverly encouraging friends to infect each other.


The user has the option to send an SMS or an e-mail message to promote the respective viewers to their contacts and friends. If this option is chosen, a predefined text will be entered in the "default sms/email client". The SMS or e-mail will only be sent after the user chooses a recipient. The predefined text for both viewers contains the same link which actually takes the recipient to a malicious app, identified as Android.Trojan.KuSaseSMS. The Trojan sends 6 SMS to number “10086” (a Chinese phone service number) and it blocks all SMS coming from numbers beginning with “10”.


The friends or contacts of the person having accessed the viewers are the intended victims of this malware dissemination scheme. Once they have installed the malicious Android.Trojan.KuSaseSMS app, it accesses an alleged update link which in fact opens up the way to another malicious code that is similar in behavior to HippoSMS. HippoSMS is known to piggyback apparently legitimate applications available on alternative Android markets and to send SMS messages to premium rate numbers. To put it simply, it is the friends and contacts of Android app users that are at risk here, not the app users themselves.


Catalin Cosoi, Head of the BitDefender Online Threats Lab commented: “This could well be the first time that Android users are tricked into putting their friends at risk. Whilst these two apps could easily send the infected links themselves, the chances of users becoming suspicious and the scam getting detected would have been a lot higher. By using their friends and contacts to effectively endorse the safety of the links, it’s likely that a higher number of people will let their guard down and click through. I have to say this is a pretty ingenious way to spread malware, and we may well see more of this technique in future.”


Android users are recommended to always download applications from trustworthy locations and not to resort to alternative application markets. In addition, they should carefully read the permissions requested by applications they intend to install so as to be able to assess the possible risks they are exposed to more accurately. Finally, monitoring the smartphone for unusual behavior will help keep users safe.


BitDefender users can keep their smartphones safe from harm using BitDefender Mobile Security, which uses new in-the-cloud antivirus services to efficiently scan the device and prevent malicious applications from being installed.

Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo