A second SMS Android trojan virus has been discovered
September 12, 2010
Early Friday morning, a second SMS-sending Trojan virus targeting smart phones running on Google's Android operating system has been discovered. The trojan is being distributed via Russian-language websites offering pornographic video clips and other disturbing, inappropriate content to most viewers.
Android OS users visiting those sites are sent the Trojan file as well, while users of other mobile platforms receive the pornographic video clip, reports Russian anti-virus firm Kaspersky Labs.
The approach suggests users running these sites might be in on the scam, security researchers say.
The latest Trojan virus, called the Trojan-SMS-AndroidOS-FakePlayer-B, poses as a media player package, the same tactic adopted by its predecessor.
In both cases, an Android smartphone only gets infected after a user manually installs the application. During the installation, the Trojan seeks a user’s consent to send SMS messages - something a legitimate media player package would neither need nor request under normal ciscumstances.
Once installed, the Trojan begins sending SMS messages to a premium rate number costing $6 each, enriching cybercrooks in the process. This happens as a background process so victims would normally only find out they have been duped once a huge monthly cell phone invoice is delivered in their accounts.
“Android OS users should pay closer attention to the services that an application seeks permission to access,” said Denis Maslennikov, mobile research group manager at Kaspersky Lab.
The huge success of Google's Android operating system in the marketplace has now made it an attractive target for cybercrooks. Very few malicious applications targeting the platform have appeared so far, but Kaspersky and other anti-virus experts warn that it's only a matter of time before many more similar attacks appear on the Web.
"Automatically allowing a new application to access every service that it says it needs to means you could end up with malicious or unwanted applications doing all sorts of things without requesting any additional information," added Maslennikov.
Source: Kaspersky Labs.
You can link to the Internet Security web site as much as you like.