Software // Operating Systems
02:04 PM

Android SMS Trojan Uses SEO To Spread

Disguised as an adult media player, the malware sends $6 text messages until a user's mobile phone account runs out of credit.

New malware that runs on Android smartphones is disguised as a porn media player. But in reality, the application sends expensive text messages to SMS numbers until a user's mobile phone account runs out of credit.

The Trojan application, dubbed Trojan-SMS.AndroidOS.FakePlayer.b, isn't available via the official Android Market app store on handhelds or online, but rather is designed to be discovered online. To that end, it's being distributed "via clever search engine optimization techniques, a clear sign that cyber-criminals are making every effort to infect mobile devices," said Denis Maslennikov, a security expert at Kaspersky Lab.

In other words, people searching the Internet for porn players that run on Android may encounter this malicious application. The attack has a social engineering component, however, in that users must manually install the application and give it permission to send SMS messages. Then again, many legitimate adult content providers today do, in fact, use SMS messages as a billing platform.

The fake application doesn't itself have a user interface. "Once installed, it simply drops an icon -- an adult-themed photograph -- on the smartphone's screen and starts sending premium SMS messages without the user's knowledge, whenever the app is launched," said Maslennikov. "With the search engine optimization techniques being used, there is a likelihood this is infecting a lot of users."

Maslennikov discovered the application while researching the origins of the first-ever SMS Trojan for Android, which he discovered last month. That application is an innocuous-looking "movie player" which, once installed, began sending $5 SMS messages to two different phone numbers.

Both attacks have been primarily targeted at Android users in Russia. "In the past, though, we've seen plenty of local problems evolve to become global ones," he said.

Indeed, if there's a financial angle to exploit with mobile devices, criminals come gunning. For example, in July, security researchers warned of a new botnet targeting Symbian smartphones. That attack likewise sent SMS messages to a premium Russian telephone number until the smartphone ran out of credit.

Comment  | 
Print  | 
More Insights
Register for InformationWeek Newsletters
White Papers
Current Issue
Increasing IT Agility and Speed To Drive Business Growth
Learn about the steps you'll need to take to transform your IT operation and culture into an agile organization that supports business-driving initiatives.
Twitter Feed
InformationWeek Radio
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.