AN AMERICAN UNIVERSITY has discovered a malware-laced Android app, just a month after Google was forced to remove 26 infected apps from its Android Market.
A research team from North Carolina State University headed by professor Xuxian Jiang discovered a trojanised app called Fast Racing, hiding malware which it called 'Golddream'.
The game needs more permissions than clean apps of a similar nature, and when an infected phone boots, the malware will start a service that logs phone numbers and monitors incoming text messages.
It will log a user's incoming text messages, as well as phone numbers. It's also capable of communicating with a remote command-and-control server. So far there is nothing new here - previous malicious apps have worked similarly.
But what is new is the fact that it can connect to alternative servers if instructed to do so, and also update itself, which might make it more difficult to detect.
Anyone who uses this app puts their device ID, subscriber ID and SIM Serial Number at risk, as the malware can make the phone call 'home'.
With the aid of the malware, the hacker can upload files together with call logs from the phone, as well as install or uninstall apps, send text messages and make phone calls.
"Based on this new threat, it appears that Android malware writers have added some new features that are common in the desktop environment, but new to mobile devices." said Trend Micro threat analyst Kervin Alintanahin. µ