First Android Trojan Sends SMS Messages to “Premium Numbers”

[Shadez]

First Android Trojan Sends SMS Messages to “Premium Numbers”

Have you ever wondered who SMSes porn and astrology lines at $9.99 per message? Your phone! A new Trojan for Android adds a small Android extension that sends SMS messages to “premium numbers,” charging the users a few dollars per message.

Kaspersky has identified it as Trojan-SMS.AndroidOS.FakePlayer.a and it only works on Russian networks. It doesn’t seem like the brightest or most dangerous Trojan ever written – you obviously have to download it yourself, probably as part of another package – but it’s still pretty scary stuff, especially if you have no interest in astrology.


First Android Trojan Sends SMS Messages to “Premium Numbers”

 

[samiusmc]

Here's an update to the Trojan info:

Security experts warned on Tuesday about what is believed to be the first Trojan targeting Android-based mobile devices that racks up charges by sending text messages to premium-rate numbers.

The Trojan-SMS malware, dubbed "Trojan-SMS.AndroidOS.FakePlayer.a," is being distributed via an unknown malicious Web site, said Denis Maslennikov, senior malware researcher at Kaspersky Lab.

Users are prompted to install a "media player application" that is a little bigger than 13 kilobytes, but which is hiding the Trojan inside, according to Kaspersky and mobile-phone security company Lookout, which analyzed the threat.

Like all Android apps, the program asks for permission to do certain things upon install. In this case it asks for permission to send SMS messages, with a prompt that identifies it as a "service that costs you money," as well as to read or delete data and collect data about the phone and the phone ID, Kaspersky and Lookout said.

Once installed, the Trojan starts sending SMS messages behind the scenes that cost several dollars per message, without the device owner knowing it.

It appears to be affecting Android smartphone users in Russia and to only work on Russian networks, Lookout said. "As far as we know, there is no indication that this app is in the Android Market," Lookout said in a blog post. It was also reported on a Russian smartphone news site.

A Google spokesman provided this statement when asked for comment: "Our application permissions model protects against this type of threat. When installing an application, users see a screen that explains clearly what information and system resources the application has permission to access, such as a user's phone number or sending an SMS. Users must explicitly approve this access in order to continue with the installation, and they may uninstall applications at any time. We consistently advise users to only install apps they trust. In particular, users should exercise caution when installing applications outside of Android Market."

Android users must change a default setting to accept apps from outside the Android marketplace.

To tell if you are affected, review your bills for any premium SMS messages. Lookout also suggests that if you have recently downloaded a media player, check the permission to make sure the app is not sending SMS messages.

The company recommends that smartphone users only download apps from trusted sources, and avoid downloading media player files that request permission to access your text messages, particularly if they want to send messages from the phone.

First SMS-sending Android Trojan reported | InSecurity Complex - CNET News

 

[DessoThumbs]

I want my androidavast!