11:24:00 AM
Unknown
The botnet is reportedly spreading through popular games like Angry Birds Space.
Wednesday, December 19, 2012: Malware in Android is nothing new, but this is surely a different one. A new spam botnet has been discovered in Android operating system that can send out thousands of SMS messages without permission of the user.
The threat has already been spotted on all major US carriers and could be harmful enough to make an big impact at the network level. The botnet seems to be spreading through SMS messages (it has not yet been detected on any major app stores) that advertise free versions of popular paid games like Angry Birds Space.
After the user taps on the link that comes with SMS message, the phone downloads an app that claims to install the game after which, SpamSoldier opens and removes its icon from the launcher and immediately starts sending spam messages.
SpamSoldier tries to keep the user in the dark by hiding evidence of its malicious activity. It also installs a free version of the game in question to keep users unaware of what is really happening. Furthermore, outgoing spam messages are removed from the list and the malware even attempts to intercept incoming SMS replies to the spam it sends.
The app connects to a remote Command & Control (C&C) server to receive its instructions: the SMS spam message and a list of 100 US phone numbers to spam. It then churns through the list as fast as the device allows, and once it finishes, it calls home to get a new list of 100 numbers. It only stops when the C&C either does not respond or the app is closed.
To protect yourself, we recommend that you only download apps from reputable app stores and check that the developer is credible before downloading. In other words, never click on links in text messages.
Source: news.efytimes.com
0 σχόλια:
Post a Comment