Malware can Make Phone Calls

Wednesday, December 11, 2013 @ 04:12 PM gHale

Mobile devices continue to be the low hanging fruit for attackers as a new version of malware is now able to make calls from infected phones without user interaction, researchers said.

Earlier versions of the MouaBad malware were mainly developed to send out SMS messages to premium rate numbers from infected phones, said researchers at security firm Lookout. For each of the messages sent out, the victim would end up charged a certain amount of money.

Android Malware on Rise
SAP Trojan Uses Carberp Code
Two Trojans Collaborate in Attack
Malware Targets SAP Users

The new version, called MouaBad.p, can send SMSs and making calls. Lookout said this threat is the first one capable of making calls to premium rate numbers without user interaction.

“The method Mouabad.p uses to make and end calls is unusual in that it uses reflection to access private methods in TelephonyManager to make and end calls (as opposed to the more common use of intents),” said John Gamble, a Lookout researcher, in a blog post.

However, researchers said MouaBad is not difficult to identify since it does not modify call logs. This means that all the calls it makes will show up on the call history screen.

This Trojan only works on Android versions older than 3.1, which means the risk of infection is low. Furthermore, the malware appears to go after Chinese-speaking users.

It’s also worth noting that MouaBad.p employs some clever techniques to evade detection. The calls it makes immediately end if the user interacts with the device. Furthermore, it attempts to gain privileged device access to become more difficult to remove.

Researchers said the threat most likely goes out via rogue applications.

Another interesting thing mentioned by Lookout is the fact that MouaBad’s dialing functionality work for other purposes, including spying on conversations.

Leave a Reply

You must be logged in to post a comment.