Feeds

Wave of Trojans breaks over Android

Fake security updates and other Windows malware-style trickery

Top 5 reasons to deploy VMware with Tegile

Fraudsters have cranked up production of malware targeting Android devices with with a rash of Trojans, many of which apply tricks long used against Windows PCs.

F-Secure reports that a rogue developer has modified a harmless app that displays pictures of bikini-clad babes into a tool that secretly establishes a rudimentary mobile botnet. "The added code will connect to a server and send details about the infected handset to the malware authors," F-Secure reports. The malware waits for an incoming phone call before it send the phone's IMSI, IMEI, SDK Version and information regarding any packages installed to a remote server.

AVG adds that 25 rogue Android apps were discovered on the Android marketplace over the weekend that contained a variant of the DroidDream trojan. Google purged these apps but more rogues have since reappeared, it adds. AVG is working with Google's Android security team in dealing with the fresh threat. It estimates a combined total of 15,000 handsets have been hit by the DroidDream outbreak.

Separately a malicious link in spammed SMS messages is being used to fool users in China into downloading a supposed Android security update that is actually an SMS distributing Trojans. AdSMS uses the sort of trickery long used by fake Windows security update Trojans, but with the added twist that the mobile malware is capable of sending SMS messages to a premium rate number, enriching virus distributors and their partners in crime at the expense of infected users in the process.

Many of the same security problems long prevalent on Windows are repeating themselves on Android, making the platform an increasingly attractive target for hackers, a recent security analysis by Kaspersky Labs reports. These problems include a large number of Android devices running outdated software harbouring unpatched vulnerabilities in the hands of users who routinely ignore security alerts. "As with Windows, the most infected computers are those on which users have administrator privileges, the greatest risk of infection is faced by those Android systems which have been jailbroken," Kaspersky analyst Yury Namestnikov. "Mobile malware communicates with its owners using a method that is widely employed by Windows malware – via command-and-control centers, which will ultimately lead to the emergence of mobile botnets," he adds.

Although it is a growing problem, Android-specific malware still lags between Trojans and the targeted Symbian-based smartphones. That's no mean feat considering the first malware for Android devices appeared less than a year ago, back in August 2010.

Android became the second most popular environment for mobile malware behind Symbian OS during the first three months of the year, according to a study (23-page PDF/6.6MB) by McAfee published on Wednesday. It reports more than 1,000 different mobile malware strains during Q1 2011, around three-quarters of which affected Symbian devices. Cross-platform Java-based mobile malware and Android-targeting malicious code were the next two most prevalent categories in McAfee's chart. ®

Intelligent flash storage arrays

More from The Register

next story
Patch NOW! Microsoft slings emergency bug fix at Windows admins
Vulnerability promotes lusers to domain overlords ... oops
You really need to do some tech support for Aunty Agnes
Free anti-virus software, expires, stops updating and p0wns the world
Mozilla, EFF, Cisco back free-as-in-FREE-BEER SSL cert authority
Let’s Encrypt to give HTTPS-everywhere a boost in 2015
Meet OneRNG: a fully-open entropy generator for a paranoid age
Kiwis to seek random investors for crowd-funded randomiser
USB coding anarchy: Consider all sticks licked
Thumb drive design ruled by almighty buck
Attack reveals 81 percent of Tor users but admins call for calm
Cisco Netflow a handy tool for cheapskate attackers
prev story

Whitepapers

Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Simplify SSL certificate management across the enterprise
Simple steps to take control of SSL across the enterprise, and recommendations for a management platform for full visibility and single-point of control for these Certificates.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.