Who knew Android for mobile could be vulnerable to Trojans and the OS in need of an anti virus, but it has happened in Russia for starters. The malware was detected by Kaspersky, a security firm, who confirmed the file is named “Trojan-SMS.AndroidOS.FakePlayer.a” and is downloaded as a typical .APK Android app. The company stated this is the first known Android specific Trojan.
The malware fools users in to installing it as it poses as a media player app and once installed it starts sending SMS messages to premium rate numbers without the phone owner’s knowledge, costing them large amounts and obviously filling up the spammers account who own those premium numbers.
The malware posing as a “media player” isn’t available on the Android Market. According to Kaspersky researcher Denis Maslennikov:
It is being distributed from a malicious website. You have to click it manually; there is no drive-by download. If you try to install it, the smartphone will ask you to grant permission for the application to send SMS messages, read or delete data from SD and collect the data about the phone and phone ID.
The best course to avoid the problem is to be careful about downloading apps outside the Android Market and pay particular attention to the “permission slip” list of hardware or software an application accesses. These lists are available for every Market and non-Market Android app. If the app needs to make premium-rate SMS or phone calls, you might want to think twice before downloading and installing it.
You Might Also Like:
Like this post? Post Comment and Subscribe RSS