Feeds

Wave of Trojans breaks over Android

Fake security updates and other Windows malware-style trickery

SANS - Survey on application security programs

Fraudsters have cranked up production of malware targeting Android devices with with a rash of Trojans, many of which apply tricks long used against Windows PCs.

F-Secure reports that a rogue developer has modified a harmless app that displays pictures of bikini-clad babes into a tool that secretly establishes a rudimentary mobile botnet. "The added code will connect to a server and send details about the infected handset to the malware authors," F-Secure reports. The malware waits for an incoming phone call before it send the phone's IMSI, IMEI, SDK Version and information regarding any packages installed to a remote server.

AVG adds that 25 rogue Android apps were discovered on the Android marketplace over the weekend that contained a variant of the DroidDream trojan. Google purged these apps but more rogues have since reappeared, it adds. AVG is working with Google's Android security team in dealing with the fresh threat. It estimates a combined total of 15,000 handsets have been hit by the DroidDream outbreak.

Separately a malicious link in spammed SMS messages is being used to fool users in China into downloading a supposed Android security update that is actually an SMS distributing Trojans. AdSMS uses the sort of trickery long used by fake Windows security update Trojans, but with the added twist that the mobile malware is capable of sending SMS messages to a premium rate number, enriching virus distributors and their partners in crime at the expense of infected users in the process.

Many of the same security problems long prevalent on Windows are repeating themselves on Android, making the platform an increasingly attractive target for hackers, a recent security analysis by Kaspersky Labs reports. These problems include a large number of Android devices running outdated software harbouring unpatched vulnerabilities in the hands of users who routinely ignore security alerts. "As with Windows, the most infected computers are those on which users have administrator privileges, the greatest risk of infection is faced by those Android systems which have been jailbroken," Kaspersky analyst Yury Namestnikov. "Mobile malware communicates with its owners using a method that is widely employed by Windows malware – via command-and-control centers, which will ultimately lead to the emergence of mobile botnets," he adds.

Although it is a growing problem, Android-specific malware still lags between Trojans and the targeted Symbian-based smartphones. That's no mean feat considering the first malware for Android devices appeared less than a year ago, back in August 2010.

Android became the second most popular environment for mobile malware behind Symbian OS during the first three months of the year, according to a study (23-page PDF/6.6MB) by McAfee published on Wednesday. It reports more than 1,000 different mobile malware strains during Q1 2011, around three-quarters of which affected Symbian devices. Cross-platform Java-based mobile malware and Android-targeting malicious code were the next two most prevalent categories in McAfee's chart. ®

Combat fraud and increase customer satisfaction

More from The Register

next story
Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker
Natter-board tells middle-class Britain to purée its passwords
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Web data BLEEDOUT: Users to feel the pain as Heartbleed bug revealed
Vendors and ISPs have work to do updating firmware - if it's possible to fix this
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
prev story

Whitepapers

Designing a defence for mobile apps
In this whitepaper learn the various considerations for defending mobile applications; from the mobile application architecture itself to the myriad testing technologies needed to properly assess mobile applications risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.