12 December 2014
Android/SmsSend is an SMS-sending malware that reaps profit from sending SMS messages to premium rate numbers
Cyber security sleuths have alerted Android-based smart phone users against an infectious Trojan virus, which steals vital information from the personal device and can even illegally send SMSes to those on the mobile contact list as well as to premium rate numbers.
The deadly virus has been identified as ‘Android/SmsSend’ and it can acquire as many as four aliases to hoodwink the user and perpetrate its destructive activities on a personal Android enabled device. SmsSend.A is a version of another malware called OpFake. It reaps profit by sending the message “gf bigfun 281 fnuXW9Ey5” to these numbers: 9993, 9994, and 9995. SmsSend.C operates in the same way SmsSend.A does, but uses a different display image, message content and recipient numbers. When executed, it displays images of nude women and sends out the message .galve 328 SjhFaG1IK. to 6008, 6006, 6152, and 6952 numbers, says F-Secure in an advisory.
In its latest advisory to Android device users, the Computer Emergency Response Team of India (CERT-In) said, “Android/SmsSend is a premium service abuser family malware that arrives bundled with legitimate Android applications and infects Android based smart phones. Once infected, it sends text messages (typically with a link to itself or a different threat) to a specific number, typically to numbers on the contact list and is also capable to send SMS to premium rate numbers”.
The CERT-In is the nodal agency to combat hacking, phishing and to fortify security-related defences of the Indian Internet domain.
It said that after a typical successful infection of the virus, basic information about the smart phone like IMEI number, device id, device type among others are compromised and it can even install spyware on the targeted device.
The virus is so notorious, the agency said, that it ‘steals contacts and pictures, tracks the location, steals passwords, illegally accesses text messages, crashes a complete system, steals personal banking information when logged in, installs other sort of spyware and disables firewall and anti-virus program to defend itself.”
The CERT-In said the malware is created by modifying the legitimate application and then re-distributing via marketplace or other separate channels.
The agency has suggested some counter-measures in this regard.
“Do not download and install applications from untrusted sources, install applications downloaded from reputed application market only, run a full system scan on device with mobile security solution or mobile anti-virus solution, check for the permissions required by an application before installing, exercise caution while visiting trusted/ untrusted sites for clicking links, install Android updates and patches and use device encryption or encrypting external SD card feature available with most of the Android operating system (OS),” it said.
Also, avoid using unsecured, unknown Wi-Fi networks and make a practice of taking regular backup of the Android device, the advisory said.
Source – http://www.moneylife.in/article/android-devices-face-threat-from-password-sms-stealing-malware/39774.html