Feeds

Wave of Trojans breaks over Android

Fake security updates and other Windows malware-style trickery

Using blade systems to cut costs and sharpen efficiencies

Fraudsters have cranked up production of malware targeting Android devices with with a rash of Trojans, many of which apply tricks long used against Windows PCs.

F-Secure reports that a rogue developer has modified a harmless app that displays pictures of bikini-clad babes into a tool that secretly establishes a rudimentary mobile botnet. "The added code will connect to a server and send details about the infected handset to the malware authors," F-Secure reports. The malware waits for an incoming phone call before it send the phone's IMSI, IMEI, SDK Version and information regarding any packages installed to a remote server.

AVG adds that 25 rogue Android apps were discovered on the Android marketplace over the weekend that contained a variant of the DroidDream trojan. Google purged these apps but more rogues have since reappeared, it adds. AVG is working with Google's Android security team in dealing with the fresh threat. It estimates a combined total of 15,000 handsets have been hit by the DroidDream outbreak.

Separately a malicious link in spammed SMS messages is being used to fool users in China into downloading a supposed Android security update that is actually an SMS distributing Trojans. AdSMS uses the sort of trickery long used by fake Windows security update Trojans, but with the added twist that the mobile malware is capable of sending SMS messages to a premium rate number, enriching virus distributors and their partners in crime at the expense of infected users in the process.

Many of the same security problems long prevalent on Windows are repeating themselves on Android, making the platform an increasingly attractive target for hackers, a recent security analysis by Kaspersky Labs reports. These problems include a large number of Android devices running outdated software harbouring unpatched vulnerabilities in the hands of users who routinely ignore security alerts. "As with Windows, the most infected computers are those on which users have administrator privileges, the greatest risk of infection is faced by those Android systems which have been jailbroken," Kaspersky analyst Yury Namestnikov. "Mobile malware communicates with its owners using a method that is widely employed by Windows malware – via command-and-control centers, which will ultimately lead to the emergence of mobile botnets," he adds.

Although it is a growing problem, Android-specific malware still lags between Trojans and the targeted Symbian-based smartphones. That's no mean feat considering the first malware for Android devices appeared less than a year ago, back in August 2010.

Android became the second most popular environment for mobile malware behind Symbian OS during the first three months of the year, according to a study (23-page PDF/6.6MB) by McAfee published on Wednesday. It reports more than 1,000 different mobile malware strains during Q1 2011, around three-quarters of which affected Symbian devices. Cross-platform Java-based mobile malware and Android-targeting malicious code were the next two most prevalent categories in McAfee's chart. ®

The smart choice: opportunity from uncertainty

More from The Register

next story
Yorkshire cops fail to grasp principle behind BT Fon Wi-Fi network
'Prevent people that are passing by to hook up to your network', pleads plod
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
NEW, SINISTER web tracking tech fingerprints your computer by making it draw
Have you been on YouPorn lately, perhaps? White House website?
LibreSSL RNG bug fix: What's all the forking fuss about, ask devs
Blow to bit-spitter 'tis but a flesh wound, claim team
Black Hat anti-Tor talk smashed by lawyers' wrecking ball
Unmasking hidden users is too hot for Carnegie-Mellon
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
Don't look, Snowden: Security biz chases Tails with zero-day flaws alert
Exodus vows not to sell secrets of whistleblower's favorite OS
Own a Cisco modem or wireless gateway? It might be owned by someone else, too
Remote code exec in HTTP server hands kit to bad guys
prev story

Whitepapers

Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.