backtop


Print 26 comment(s) - last by Tony Swash.. on Sep 14 at 10:26 AM

Russian-language porn sites host new Trojan

While viruses are not nearly as common on mobile devices as they are on personal computers, security firms have warned about the possibility of app attacks in the past, and we've seen it in the form of an SMS Trojan on the Android platform. Now, a second Trojan has made its way to Android.

The new malware is being distributed on adult-oriented Russian websites that prompt only Android users to download the Trojan, while those visiting the sites through other platforms are able to obtain the desired content, a Kaspersky Lab press release said.

"As with its predecessor, the latest Trojan – Trojan-SMS.AndroidOS.FakePlayer.b – masquerades as a media player," said the U.K.-based security vendor. "Users of smartphones running Android are asked to download the pornplayer.apk application from an infected webpage in order to view adult content videos. The installation file is only 16.4 KB and during installation the Trojan seeks the user's consent to send SMS messages – a requirement that a media player is very unlikely to need."

In order to view the adult content, Android users are prompted to download a 16.4 KB file named "pornplayer.apk" from the infected websites. During installation, the Trojan gains consent to send SMS messages -- a highly unlikely requirement for a typical media player.

Once the app is launched, the Trojan sends SMS messages to a premium number at a rate of $6 per message, and right into the hackers' bank accounts.

"Android users should pay close attention to the services that an application seeks permission to access," said Denis Maslennikov, a Kaspersky rep said. "Automatically permitting a new application to access every service that it says it needs to means you could end up with malicious or unwanted applications doing all sorts of things without requesting any additional information."

Because the code for the new Trojan is very similar to the first one we saw a month ago, Kaspersky believes that it is very likely to be authored by the same person or group of people.

Last week, an Austrian security testing lab released a study of four comparative smartphone security products, PCMag reports. The findings recommend that "nobody who uses a smartphone should go without security software."

The AV-Comparatives study, found here in its entirety, compares ESET Mobile Security, F-Secure Mobile Security, Kaspersky Mobile Security, and Trend Micro Mobile Security, all of which support Windows Mobile 5.0-6.5 and Symbian 9.1-9.4, while F-Secure also supports Android and Trend Micro supports Android7, PCMag notes.

AV-Comparatives does not recommend one of the security suites over another, but merely contends that each one has its values that should be considered by smartphone users. Each of the products offers the standard security protection you'd find in a PC suite -- namely firewall protection and mobile virus detection.



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

RE: fixed
By Alexstarfire on 9/13/2010 4:58:44 PM , Rating: 2
or his other quote: "You can't fix stupid."


RE: fixed
By Alexstarfire on 9/13/2010 5:00:03 PM , Rating: 2
Bleh, I should have clicked the link before replying.


"It's okay. The scenarios aren't that clear. But it's good looking. [Steve Jobs] does good design, and [the iPad] is absolutely a good example of that." -- Bill Gates on the Apple iPad

Related Articles













botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki