Virus writers hit Google Android phones
- Published
A malicious application that can steal cash via phones running Google's Android operating system has been found.
The program poses as a media player but once installed starts sending premium rate text messages.
The service being sent messages is operated by the malicious app's creator, who scoops up the fees.
Discovered by Kaspersky Labs, it is believed to be the first booby-trapped application for Android.
In a security advisory Kaspersky said that the virus - Trojan-SMS.AndroidOS.FakePlayer.a - is being spread by text message. The message prompts users to install an application, 13KB in size, which purports to be a media player.
The virus was most prevalent among Russian Android users. The risk to Android owners worldwide is believed to be low.
'Trusted model'
In its advisory it said that the huge growth in the number of Android applications was likely to make the phones tempting targets for criminals.
"We can expect to see a corresponding rise in the amount of malware targeting that platform," said Denis Maslennikov, mobile research group manager at the firm.
Simeon Coney, spokesman for mobile security firm AdaptiveMobile said booby-trapped applications that run up big bills via premium rate numbers were very common on other platforms such as Symbian.
Symbian is the most popular smartphone operating system, commonly used on handsets built by Nokia and Sony Ericsson.
"There are a significant number of Java based mobile viruses that do exactly the same malicious activity of sending out premium rate (i.e. reverse charge) SMS," he said.
Like other mobile application stores, Google has a system in place that can revoke malicious applications and stop them running on handsets.
"Our application permissions model protects against this type of threat," said a spokesperson for Google.
"When installing an application, users see a screen that explains clearly what information and system resources the application has permission to access, such as a user's phone number or sending an SMS.
"Users must explicitly approve this access in order to continue with the installation, and they may uninstall applications at any time.
The spokesperson said the firm advises users to "only install apps they trust".
"In particular, users should exercise caution when installing applications outside of Android Market."
- Published2 August 2010
- Published10 August 2010