Arrogant dragon will have cause to repent
|
|
|
Android virus is spotted
RUSSIAN MALWARE SLEUTHS Kaspersky Lab has reported the discovery of an SMS Trojan hitting Android handsets.
Researchers at the firm said that it had discovered the first Trojan SMS for the Android operating system. Called the Trojan-SMS.AndroidOS.FakePlayer.a, it has already infected a number of mobile devices, according to Kaspersky.
The Trojan makes its way onto app-download happy smartphone devices by pretending to be a media player. The file, which has the standard .APK file extension and weighs in at around 13KB, is taking on all comers, as it wreaks havoc on user phones by sending premium rate messages.
The money from these messages, which happen without user consent or knowledge, goes to straight to cybercriminals, which should surprise no one.
This is not the first attack on an Android device, and in fact Vodafone once cut out the middle man by sending out HTC Magic handsets with the Mariposa botnet already on board. However, Kaspersky explained that this was the first to specifically target the operating system, and said that judging by current reports the number of attacks would keep pace with OS adoption.
"The IT market research and analysis organisation IDC has noted that those selling devices running Android are experiencing the highest growth in sales among smartphone manufacturers. As a result, we can expect to see a corresponding rise in the amount of malware targeting that platform," says Denis Maslennikov, mobile research group manager at Kaspersky Lab.
Kaspersky did not initially say how the Trojan infected its victims, but later confirmed that they were prompted to download the malicious application while browsing the web. One media player must not be enough for some people.
The Android OS provides information on what elements of the system any application will affect. Kaspersky recommends that users pay special attention to this. µ
Share this:
Share
Hi, I'm from Lookout and wanted to let you know that we have a fix for the Trojan. If you are already a Lookout user, you will get this update automatically. If you don't have Lookout, you can get it free at https://www.mylookout.com/download-mobile-security.
I did my own research and found here http://phandroid.com/2010/08/10/sms-trojan-making-its-round-on-android/
that the name of the package is
MS.AndroidOS.FakePlayer.a
What would you expect from a package that starts with MS(aka MicroSoft!)
It had to be obvious that was malware!
There's always a balance between user "control" and the risk it would cost. When you have more power and control over a system you should be more careful with it. System administrators overcome this problem by limit the control of users so they can't harm the system.
There's also anti-malwares that could help user, but hey do you want to waste your battery and cpu for a scanning software? Be more careful and you don't even need it.
As the "sudo" command say: Power brings responsibility.
Going for fear-mongering clicks?! This is not a virus, this is an app praying on the consumer's ignorance about the app. It's Malware.. not a virus.
android has a BIG warning dialog that says what the application will have access to, and when you install it you CONFIRM that it will be allowed to send SMS messages...
so in stupid speak "i want this application now and i will completly disregard the warning" hehe :p
Pointing out that the app was downloaded is brilliant, you deserve a cookie. Clarifying other Mike's question, is (was) this on the marketplace or just a download on an obscure site? Was it a carrier's marketplace, the general Android store, or some download on a seedy porn site?
If they told people how you get infected, they would sell less anti-virus programs. I think you have to actually install the apk manually to get infected, but I'm not sure. I hate the way websites, especially the BBC give this free advertising away periodically to anti-virus software vendors.
"The Trojan makes its way onto app-download happy smartphone devices by pretending to be a media player."
People that download things without understand what they actually are and don't read the file name. I would think the word "fake" in the file name would make it clear, but that would be expecting to much from a typical user.
The article doesn't seem to say anywhere how this virus is spread or installed. Is it in the marketplace? Do you get it off infected mms messages? Where does it come from? Some details here would be helpful to your readers. The link in the article doesn't take you to anything about this specific virus, just to the security outfit's virus lookup page. A direct link to the virus information page would be nice.