Feeds

China faces million-strong zombie phone horde

Leading the world in mobile malware

Security for virtualized datacentres

More than a million mobile phones in China have been infected with the AVK.Dumx.A Trojan.

According to local reports in the Shanghai Daily, the infection is costing users more than two million yuan (just shy of £200,000) in text messaging as it attempts to spread.

The disguise the Trojan wears is unclear, though it does appear to be Symbian-based. All reports agree that in addition to spreading itself the infection logs with a central server in readiness to receive additional instructions.

The Shanghai Daily's report explains that the infection comes embedded in an anti-virus package, but the official notification from the Chinese "National Computer Network Emergency Response Technical Team Center" draws attention to a media player called DuMusicPLayer which it reckons is carrying the Trojan.

The infection does check for, and disable, anti-virus software running on the handset in the same way as the more-advanced desktop viruses. It then sends SMS messages to everyone in the handset address book, containing links to the package, and reports the handset phone number, model and other available details to a remote server.

That server is under investigation by the local authorities, but it's very possible that the miscreants already have a decent list of infected numbers to which they can send commands over the SMS network whenever they want. Those commands could, for example, make the phone call a premium number or premium text service, offering financial reward to the developers.

The only good news is that the infection is so virulent that users rapidly become aware that their phone is infected by all the text messages it suddenly starts sending - a more relaxed version of the same thing would be much harder to detect even if it took proportionally longer to spread.

The best defence against this kind of thing is, of course, a locked-down device with a gatekeeper. Users, in China and elsewhere, always click "continue" in the face of security warnings such as those presented when this infection is received.

As our mobile phones become as prone to infection as our desktop computers, we'll have to decide what price we're prepared to pay for our security before we see a million-strong zombie army in the west. ®

Intelligent flash storage arrays

More from The Register

next story
Of COURSE Stephen Elop's to blame for Nokia woes, says author
'Google did have some unique propositions for Nokia'
FCC, Google cast eye over millimetre wireless
The smaller the wave, the bigger 5G's chances of success
It's even GRIMMER up North after MEGA SKY BROADBAND OUTAGE
By 'eck! Eccles cake production thrown into jeopardy
Mobile coverage on trains really is pants
You thought it was just *insert your provider here*, but now we have numbers
Don't mess with Texas ('cos it's getting Google Fiber and you're not)
A bit late, but company says 1Gbps Austin network almost ready to compete with AT&T
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.