The first SMS Trojan for Android smartphones has been detected in the wild, a sign of the operating system's growing popularity.
According to Denis Maslennikov, mobile research group manager at Kaspersky Lab, this is quite a development, as Android is the latest mobile platform to be targeted by cyber criminals.
SMS Trojans for various platforms such as J2ME, Symbian, Windows Mobile and now Android are the most “popular” malicious programs today targeting mobiles. “Cyber criminals continue to create this sort of program because for them it's one of the easiest ways to earn money illegally.”
He says the Trojan-SMS.AndroidOS.FakePlayer.a poses as a media player application. “Users who install the application will see an icon dubbed 'Movie Player' in their list of applications.
“The Trojan stealthily sends text messages to two premium rate numbers, 3353 and 3354, without the user's knowledge or consent. Each message costs the user about $5.”
Maslennikov says during installation, the device owner is asked to allow this application to change or delete memory card data, send SMSes and read the data about the phone and phone ID.
“When installing a new program, it is very important to pay attention to which services the application requests access. Automatically permitting a new application to access every service it requests means you could end up with malicious or unwanted applications doing all sorts of things without requesting any additional confirmation. And you won't know anything about it.”
At the moment, although all Android devices can potentially be infected, the Trojan has only affected Russian users, and as far as Kaspersky Lab can tell, it's currently not being spread via Android Marketplace.
However, Maslennikov stresses that in the past, Kaspersky Lab has seen many local problems evolve into global ones. “Whenever we discover malware that uses a new infection vector, or targets a formerly untouched platform, we know that this is just the beginning.”
Share
