New Android Trojan spreads like a worm
Posted on 30.04.2014
A new SMS Trojan with worm-like spreading capabilities has been spotted targeting Russian Android users.

Dubbed "Samsapo," the malware can also extract information (phone numbers, text messages) from the infected device and send it to a remote server, can download additional malicious files from predefined URLs, and can block phone calls and change alarm settings.

The Trojan is difficult to spot - its package is named in a way to make it seem that the software is a system utility app and, once installed, it does not show an icon, and doesn't have a GUI that the user can access by accident.

The method it uses for spreading is still very unusual for Android malware, and takes a leaf from the playbook of Windows-oriented malware peddlers: users get infected when they receive an SMS (apparently sent by a known contact) that says (in Russian): "Is this your photo?" and they download the linked-to malicious APK package.

Once on the target device, the malware continues the infection cycle by sending out the same message to the people whose contact details are stored on it.

"The attacker’s domain that serves as a drop-zone for the Android malware was registered on April 24, 2014," shared ESET researcher Robert Lipovsky. Currently only Russian users are targeted, but this malware has the potential to spread far and wide with only a few tweaks.

Luckily, users can protect themselves from it and from other Android malware by being careful what links they follow and what apps they download, and also by restricting the installation of apps from unknown sources.










Spotlight

The synergy of hackers and tools at the Black Hat Arsenal

Posted on 27 August 2014.  |  Tucked away from the glamour of the vendor booths and the large presentation rooms filled with rockstar sessions, was the Arsenal - a place where developers were able to present their security tools and grow their community.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Aug 29th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //