The Inquirer-Home

Hackers booby-trap an Android racing game with malware

New and improved Trojan botnet software
Thu Jul 07 2011, 15:48

AN AMERICAN UNIVERSITY has discovered a malware-laced Android app, just a month after Google was forced to remove 26 infected apps from its Android Market.

A research team from North Carolina State University headed by professor Xuxian Jiang discovered a trojanised app called Fast Racing, hiding malware which it called 'Golddream'.

The game needs more permissions than clean apps of a similar nature, and when an infected phone boots, the malware will start a service that logs phone numbers and monitors incoming text messages.

It will log a user's incoming text messages, as well as phone numbers. It's also capable of communicating with a remote command-and-control server. So far there is nothing new here - previous malicious apps have worked similarly.

But what is new is the fact that it can connect to alternative servers if instructed to do so, and also update itself, which might make it more difficult to detect.

Anyone who uses this app puts their device ID, subscriber ID and SIM Serial Number at risk, as the malware can make the phone call 'home'.

With the aid of the malware, the hacker can upload files together with call logs from the phone, as well as install or uninstall apps, send text messages and make phone calls.

"Based on this new threat, it appears that Android malware writers have added some new features that are common in the desktop environment, but new to mobile devices." said Trend Micro threat analyst Kervin Alintanahin. µ

 

Share this:

blog comments powered by Disqus
Advertisement
Subscribe to INQ newsletters

Sign up for INQbot – a weekly roundup of the best from the INQ

Advertisement
INQ Poll

Microsoft's Windows 10 Preview has permission to watch your every move

Does Microsoft have the right to keylog users of its Windows 10 Technical Preview?