Trojan SMS Malware a Moneymaker

Tuesday, February 18, 2014 @ 05:02 PM gHale

Trojan-laden Android apps infected at least 300,000 smartphones and tablets, new research said.

The 300,000 figure is a conservative estimate, said Panda Labs technical director Luis Corrons in a blog post. “Our Panda Mobile Security research team has found a new threat that has infected at least 300,000 people, although that number could be four times higher – 1,200,000,” he said.


The apps reportedly infect users’ handsets via a bogus permissions notification which, once the user agrees to it, sets off a complex process that forces the victim to send text messages to a premium-rate number owned by the hackers.

“Without the user’s knowledge the app will get the phone number of the device, will go to a website and will register it to a premium SMS service. This service requires a confirmation to be activated, which means it sends an SMS to that number with a PIN code,” the post said.

“This app waits for that specific message, once it arrives it intercepts its arrival, parses it, takes the PIN number and confirms your interest in the service. Then it removes it, no notification is shown in the terminal and the SMS is not shown anywhere. Again, all this is done without the user’s knowledge.”

Corrons said the campaign has already earned the criminals millions of dollars in revenue. “They charge a lot of money for this premium SMS service, if we make a conservative estimate of $20 charged by terminal, we are talking of a huge scam that could be somewhere between $6m and $24m,” he said.

Corrons said the apps will undoubtedly earn criminals more money, warning they are all still available for purchase on the Google Play store.

He said the applications’ success is largely due to a lack of security awareness among Android users, and that even basic measures could drastically reduce the apps’ effectiveness.

“Whatever security solution you use – if any – please always read the permissions needed to install each application and if among them it is the one letting the app read your SMS and connect to internet and it is not really needed, do not install it,” he said.

Trojan apps are a growing problem in the Android ecosystem. Because of the open nature of Android, criminals are able to create and sell malware-laden applications on a variety of third-party marketplaces with relative ease.
