SECURITY EXPERTS warned today that criminal groups are stepping up efforts to target Android mobile owners, after the discovery of a Trojan that harvests personal data before sending SMS messages to premium-rate phone numbers.
The latest malware to be detected purports to be a legitimate Chinese game called The Roar of the Pharaoh, but it packs a hidden Trojan called Andr/Stiniter-A.
This Trojan, according to researchers at Sophos, is "rather unusual" in that it does not request any specific permissions during installation, which should be a dead giveaway for tech-savvy users.
Sophos reports that the Trojan infected version is being distributed on unofficial download web sites and is proving popular, since the genuine game is not distributed on Google Play.
After an unwary Android owner has installed the "game", the malware harvests information such as IMEI number, phone model, screen size, platform and phone number. It also records the platform and OS version. This data is sent to the malware's authors.
"Like many other mobile Trojans, this one sends SMS messages to premium rate SMS numbers and is capable of reading your SMSs as well," Sophos reported.
"Criminals love the free money laundering service provided by mobile phone providers. They can setup premium rate SMS numbers in Europe and Asia with little difficulty. The mobile phone companies provide the payment processing and the bad guys have their money and are long gone before you ever receive the phone bill with the fraudulent charges."
To make detection harder the Trojan runs as a service named "GameUpdateService". µ