Kaspersky Uncovers Second SMS Trojan that Targets Android-Powered Devices
Another Trojan that targets devices powered by the Google-developed Android operating system has been uncovered by Kaspersky, company that offers award-winning antivirus and mobile security software. Leading developer of secure content management solutions Kaspersky categorized this threat as an SMS Trojan – which means this is the second SMS Trojan Kaspersky uncovers.
Back in August Kaspersky uncovered the first SMS Trojan that targets Android-powered devices. Named Trojan-SMS.AndroidOS.FakePlayer.a, the Trojan hid under the guise of a media player application. Once installed, the Trojan would start sending out SMSs to premium rate numbers without the owner’s knowledge or consent,
The SMS Trojan uncovered this September has been named Trojan-SMS.AndroidOS.FakePlayer.b. This Trojan also hides under the guise of a media player. According to Kaspersky, the Trojan is found on Russian-language adult sites. The user is lured to malicious sites that promise to offer adult content. On the site the user is asked to download the phony player and install it on his Android-powered device in order to see adult videos. The installation file weighs in at 16.4KB.
During the installation process the phony media player will seek the user’s consent to send SMS messages. That should be the first alarm bell to go off in the user’s head – media players do not regularly need to send out SMS messages, now do they? After the phony media player is installed, the Trojan will start sending out SMS messages to a premium rate number without the user's knowledge – each message will cost the user $6.
"Android users should pay close attention to the services that an application seeks permission to access,” said Denis Maslennikov, Mobile Research Group Manager at Kaspersky Lab. “Automatically permitting a new application to access every service that it says it needs to means you could end up with malicious or unwanted applications doing all sorts of things without requesting any additional information.”
Because the code of Trojan-SMS.AndroidOS.FakePlayer.b is veri similar to the code of Trojan-SMS.AndroidOS.FakePlayer.A, Kaspersky believes the Trojan was released by the same person or group of people with malicious intent.
Back in August Kaspersky uncovered the first SMS Trojan that targets Android-powered devices. Named Trojan-SMS.AndroidOS.FakePlayer.a, the Trojan hid under the guise of a media player application. Once installed, the Trojan would start sending out SMSs to premium rate numbers without the owner’s knowledge or consent,
The SMS Trojan uncovered this September has been named Trojan-SMS.AndroidOS.FakePlayer.b. This Trojan also hides under the guise of a media player. According to Kaspersky, the Trojan is found on Russian-language adult sites. The user is lured to malicious sites that promise to offer adult content. On the site the user is asked to download the phony player and install it on his Android-powered device in order to see adult videos. The installation file weighs in at 16.4KB.
During the installation process the phony media player will seek the user’s consent to send SMS messages. That should be the first alarm bell to go off in the user’s head – media players do not regularly need to send out SMS messages, now do they? After the phony media player is installed, the Trojan will start sending out SMS messages to a premium rate number without the user's knowledge – each message will cost the user $6.
"Android users should pay close attention to the services that an application seeks permission to access,” said Denis Maslennikov, Mobile Research Group Manager at Kaspersky Lab. “Automatically permitting a new application to access every service that it says it needs to means you could end up with malicious or unwanted applications doing all sorts of things without requesting any additional information.”
Because the code of Trojan-SMS.AndroidOS.FakePlayer.b is veri similar to the code of Trojan-SMS.AndroidOS.FakePlayer.A, Kaspersky believes the Trojan was released by the same person or group of people with malicious intent.
