This is BX @ Boxden.com


Theres an Android Trojan Virus Running Around


 Theres an Android Trojan Virus Running Around
topic by Adamsville - 08-11-2010, 08:57 AM - Boxden > Android Owners Lounge


A local outbreak of a mobile trojan in Russia has shown us something new: The Android operating system might need an antivirus.

The malware was detected by security firm Kaspersky, who confirmed the file is named “Trojan-SMS.AndroidOS.FakePlayer.a” and is downloaded as a typical .APK Android app. The company stated this is the first known Android (Android)-specific trojan.

The malware works by posing as a media player app. Once the app is installed on the mobile device, the trojan begins to send SMS messages to premium rate numbers without the device owner’s knowledge. Since the trojan’s creators are usually the ones on the other end of those premium numbers, they end up profiting from the scam.

This SMS-based type of malware is currently one of the most common forms of mobile viruses. SMS trojans have been around for years on mobile phones, even predating the smartphones we all know and love. The first mobile SMS virus appeared in 2004, and the first-ever Android malware (isolated incidents of spyware) popped up in 2009.

Kaspersky Lab is currently working on Android-specific antivirus technologies; the company plans to release Kaspersky Mobile Security for Android early next year. Other antivirus apps are available in the Android Market (Android Market); in the past, such applications were thought unnecessary.

However, as this platform continues to experience meteoric growth, even outselling iPhones in the first half of this year, more criminals will be attracted to the money-making capabilities of Android viruses. We hope that Google (Google) and device carriers and manufacturers will think about security and antivirus options when planning on-board apps for future OS updates.

The trojan “media player” that’s causing concern today isn’t available in the Android Market. Rather, it is “being distributed from a malicious website,” according to Kaspersky researcher Denis Maslennikov. “You have to click it manually, there is no drive-by download. If you try to install it, the smartphone will ask you to grant permission for the application to send SMS messages, read or delete data from SD and collect the data about the phone and phone ID.”

As always, be aware of what you download, especially if you’re downloading apps outside the Android Market. Kapersky recommends you pay particular attention to the “permission slip” list of hardware or software an application accesses. These lists are available for every Market and non-Market Android app. If the app needs to make premium-rate SMS or phone calls, you might want to think twice before downloading and installing it.

UPDATE: Reader Jon Oberheide emailed us to say he’d gotten a copy of the trojan and dissected its code. On his personal blog, Oberheide writes that the malware “appears to be hastily built off of the HelloWorld example program distributed in the Android SDK.” When the user first tries to run the app, he will be told to wait for the media player to find the video library. During this time, the device will send a string of numbers to an SMS shortcode three times. After those three messages are sent, the program won’t run again. As Oberheide concludes, “It would be unwise for the trojan to continually barrage the premium SMS number with additional messages from the same user as it would likely raise more red flags.”


share this topic »   Share this on Twitter Share this on Facebook

13 comments for "Theres an Android Trojan Virus Running Around"


 08-11-2010, 09:19 AMaway - #2
wtr1906 30 heat pts30

  d 
space
$13,964 | POWERFUL
time to give .APK's a break for a while
 08-11-2010, 09:54 AMaway - #3
Gonzilla 1 heat pts

  d 
space
$4,249 | 7572230
What's the name of that media player?

I see the name of the virus, but not what the App is actually called (I'm a$suming its not called "Fake Player").

Those evil Russians. Those smart, evil Russians.


Kaspersky stay going hard. Only (paid) antivirus I use on both of my computers so running it on my phone will be welcomed.
 08-11-2010, 10:13 AMaway - #4
JaiMega 

  d 
space
$15,141 | 0
Guess we had to expect this eventually.
 08-11-2010, 10:21 AMaway - #5
Tiko377 884 heat pts884

  d 
space
$7,634 | POWERFUL
this is all of AT&T doing to show verizon see what happens what you leave it a open market
 08-11-2010, 09:11 PMaway - #6
Gonzilla 1 heat pts

  d 
space
$4,249 | 7572230
^what?
 08-11-2010, 10:06 PMaway - #7
mtbatol 8 heat pts

  d 
space
$3,526 | 15408281
Originally Posted by Tiko377
this is all of AT&T doing to show verizon see what happens what you leave it a open market
YouTube - Well ain't that cute...
 08-11-2010, 10:20 PMaway - #8
A.G 27 heat pts27

  d 
space
$36,404 | POWERFUL
Shoulda got a Dr...........####.
 08-11-2010, 10:23 PMaway - #9
Yung Dilla 1200 heat pts1200

  d 
space
$41,311 | POWERFUL
well blackberry here i come tomorrow lol
 08-11-2010, 11:06 PMaway - #10
iTylerA 

  d 
space
$265 | 1785501
Honestly, I don't see what the big deal is. This is a KNOWN risk when you check the Install from Outside Sources box. But Between the Lookout app that scans every app on schedule, and any app you install, not to mention the other Antivirus apps. They run in the background and don't take up space. and Lookout is free. so why not?

Kapersky recommends you pay particular attention to the “permission slip” list of hardware or software an application accesses. These lists are available for every Market and non-Market Android app.
When a music player needs access to SMS and contact lists? I'd take a second look.
 08-12-2010, 08:16 PMaway - #11
MosDefinition 7 heat pts

  d 
space
$16,447 | POWERFUL
its called fake media player that should have given someone a hint
 08-12-2010, 08:45 PMaway - #12
Venom 29 heat pts29

  d 
space
$12,993 | POWERFUL
why this never happened to iphones when it was popular is beyond me
 08-12-2010, 09:34 PMaway - #13
iTylerA 

  d 
space
$265 | 1785501
Originally Posted by Venom
why this never happened to iphones when it was popular is beyond me
probably cause iPhones can't install 3rd party unless jailbroken and almost nobody jailbreaks their iPhones *shrugs*
 08-13-2010, 11:29 PMaway - #14
Gonzilla 1 heat pts

  d 
space
$4,249 | 7572230
Originally Posted by MosDefinition
its called fake media player that should have given someone a hint
Is that really the name of it?

I thought that was the name of the virus, not the App WITH the virus.
 
 


Go Back   Boxden.Com - Stay First. Follow BX. > BX Table Of Contents > BX Tech > Android Owners Lounge
    
         

 



Latest hot topics on fire the past 48 hrs
Image inside  PS4 “GayStation Edition” Up for Auction To Celebrate ..
56 comments
NBA Who you with? 1, 2, 3, or 4
62 comments
NBA Wad3 county
64 comments
  Jul 26 - I’ve Worked At Mcdonald’s For 10 Years And St...
New reply 45 seconds ago - 343 comments - by RAZAH CUTS
 audio inside G-unit - Come Up
New reply 8 minutes ago - 65 comments - by KingP1n
 Video inside Aaron Hall: Any B*tch That Say My D*ck Is Small Is Lying
New reply 3 minutes ago - 55 comments - by GoldBluded
 OT Could An Assembled Group Of Bxsc Posters Beat The Best...
New reply 9 minutes ago - 84 comments - by HeatMafia410
 Image(s) inside Lil Durk Goin At Soulja Boy 4 Them Fufu Stack$$
New reply 4 minutes ago - 54 comments - by Muunsta
 NBA Throwback: The Greatest Nba Gif Of All Time (pic)
New reply 10 minutes ago - 59 comments - by King Henry
 Image(s) inside Godfather 50 Goes Off For Speaking On His Parenting
New reply 8 minutes ago - 64 comments - by chrismb
 Image(s) inside What's Your Favorite Drink From The Freestyle Coca Col...
New reply 10 minutes ago - 110 comments - by EscoNore

Like BX on Facebook Follow BX on Twitter
5,757 fans of BX | none new today 4,750 following | none new today

hot topic blog   »    hip-hop   |   sports   |   movies   |   games   |   news   |   wild'ish   |   gear   |   rides   |   tech

contact us   |   mobile   |   privacy statement

© Boxden.com. 1998 - end of time.