Print 36 comment(s) - last by Nutzo.. on Aug 21 at 2:06 PM

Malware is stubborn and hard to remove

Since July, a new strain of malware has been attacking Android smartphones in China.  Dubbed SMSZombie.A, the malware spreads by wallpaper apps on China's largest apps marketplace, GFan.

The apps come with alluring titles, such as "Android Animated Screensaver: Animated Album I Found When I Fixed My Female Coworker's Computer".  

When the user sets the in-app wallpaper as their selected wallpaper, they receive a prompt requesting to download additional files.  Those files are a malware packaged dubbed "Android System Service".  Once installed, that package request administrative privileges, repeatedly popping up the dialogue until the user accepts.

As with various text message scams in the U.S., sending and receiving messages from premium SMS numbers make the bulk of the profit from the malware.  As carriers receive a cut of the profits from premium SMS messages, some carriers have been unwilling to block abusive premium SMS entities, even if it means their customers are being ripped off.  

The new Android malware is particularly clever as it deletes receipts from premium SMS services, disguising the fees from the user.  Researchers suspect the malware may also be attempting to steal bankcard numbers and money transfer receipt details.

SMS Zombie
The SMSZombie malware acts a malicious Trojan [Image Source: TrustGo]

So far 500,000 Android smartphones in China have been infected by SMSZombie, according to TrustGo, a mobile security firm.

As the actual wallpaper apps contain no direct malware, they are hard for mobile antivirus software to detect.  They also reportedly are resistant to removal.

Android malware is most prevalent in China, where poorly regulated third party applications markets dominate the Android software space.  Such markets are oft rife with pirated and malicious applications [1][2][3].

In the last quarter approximately 34 million Android smartphones shipped to the Chinese market, according Canalys [source].  The biggest player is Samsung Electronics Comp., Ltd. (KSC:005930), who is shipping close to 10 million units a quarter to the world's biggest smartphone market.  Huawei Technologies Comp. (SHE:002502and HTC Corp. (TPE:2498) also command large Android sales in the market.

Source: SMSZombie

Comments     Threshold

This article is over a month old, voting and posting comments is disabled

RE: Yeah, well
By chris2618 on 8/20/2012 2:04:30 PM , Rating: 2
As you need to tick the box to allow 3rd part apps i think you can assume the person knows what they are doing.

RE: Yeah, well
By kleinma on 8/20/2012 2:30:58 PM , Rating: 2
Except Amazon AppStore requires that and offers a video for doing that on their site, so once someone was brave enough to figure out how to get the amazon app store on their phone because someone told them they could get a free app everyday, their phone is now wide open to it.

likewise I have no idea how things are done in China, and it could very well be that outside apps are allowed by default on some of those handsets. My guess is China, the handset makers that we don't hear about globally are just using android because it is free.

RE: Yeah, well
By chris2618 on 8/20/2012 4:04:16 PM , Rating: 3
If you don't know what it does and can't be arsed to investigate the consequences of your actions then "a fool and his money are soon parted" comes to mind.

The makers using android for free are mostly going to use a stock version which would have it off by default

RE: Yeah, well
By Flunk on 8/20/2012 2:32:17 PM , Rating: 2
No, no you don't. To most users that box is basically a big switch that says "click me now". They don't even really know what it does, they just know that they have to tick it.

RE: Yeah, well
By chris2618 on 8/20/2012 3:49:27 PM , Rating: 1
"No, no you don't"
Well you do need to tick the box

"click me now"
Really, its under the security options and a clear notice comes up when you try to allow. At most its a big switch that says "call son before allowing"

"I'm an Internet expert too. It's all right to wire the industrial zone only, but there are many problems if other regions of the North are wired." -- North Korean Supreme Commander Kim Jong-il

Copyright 2016 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki