Android 'SMSZombie' Trojan infects 500,000 Chinese users

Difficult to de-install

Reports have emerged from China of an ingenious new backdoor Android malware attack that has infected hundreds of thousands of subscribers and can prove difficult to de-install without technical support.

Dubbed Trojan!SMSZombie.A – ‘SMSZombie’ for short – by one of the companies reporting on it, the malware is said to have spread through the largest Chinese Android marketplace, GFan, piggybacking as a backdoor on porn-themed wallpaper apps.

The innovation is the use of a backdoor to install itself before the payload is downloaded. This makes detection harder, said the company that detected it, TrustGo.

The malware becomes active once it has been selected as the smartphone’s wallpaper, after which it asks to download additional files in the form of what claims to be an ‘Android system service.’

It then asks for administrator privileges (pressing the cancel button for this request simply throws up a dialog box each time), after which the user cannot disable the app using Android’s ‘uninstall app’ function.

Beyond the fact that the criminals have control of the device and can intercept messages, the purpose is to defraud the user of money via payments exploiting an unspecified flaw in the China Mobile SMS Payment System.

The malware was noticed as long ago as 25 July, and TrustGo said that it believed it had infected more than 500,000 smartphones.

“It has been confirmed that this virus has been used to recharge online gaming accounts via the China Mobile SMS Payment system. Commonly, the victim’s account is charged a relatively low amount to escape detection,” said TrustGo.

SMSZombie is unlikely to affect subscribers in countries such as the US and UK, but its design indicates that attackers are thinking of ways to beat new layers of security added to protect Android systems.

All the same, SMS frauds via premium rate services are far from unknown, although such events have yet to receive wider publicity. In May, a fake Angry Birds app was discovered that had infected 1,400 UK phone users, defrauding them of around £28,000 ($44,000).

In July, Trusteer reported on an Android Trojan being distributed to beat the SMS authentication systems used by European and US banks.

SMSZombie can be de-installed manually by following the instructions posted by TrustGo.


