New Android Trojan spreads like a worm
Posted on 30.04.2014
A new SMS Trojan with worm-like spreading capabilities has been spotted targeting Russian Android users.

Dubbed "Samsapo," the malware can also extract information (phone numbers, text messages) from the infected device and send it to a remote server, can download additional malicious files from predefined URLs, and can block phone calls and change alarm settings.

The Trojan is difficult to spot - its package is named in a way to make it seem that the software is a system utility app and, once installed, it does not show an icon, and doesn't have a GUI that the user can access by accident.

The method it uses for spreading is still very unusual for Android malware, and takes a leaf from the playbook of Windows-oriented malware peddlers: users get infected when they receive an SMS (apparently sent by a known contact) that says (in Russian): "Is this your photo?" and they download the linked-to malicious APK package.

Once on the target device, the malware continues the infection cycle by sending out the same message to the people whose contact details are stored on it.

"The attacker’s domain that serves as a drop-zone for the Android malware was registered on April 24, 2014," shared ESET researcher Robert Lipovsky. Currently only Russian users are targeted, but this malware has the potential to spread far and wide with only a few tweaks.

Luckily, users can protect themselves from it and from other Android malware by being careful what links they follow and what apps they download, and also by restricting the installation of apps from unknown sources.










Spotlight

Free security software identifies cloud vulnerabilities

Posted on 21 October 2104.  |  Designed for IT and security professionals, the service gives a view of the data exchanged with partner and cloud applications beyond the network firewall. Completely passive, it runs on non-production systems, and does not require firewall changes.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Tue, Oct 21st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //