This is in fact the first such app found on Android and it comes in the guise of the popular Madden NFL 12 game.
Kaspersky's Mobile security researcher Denis Maslennikov has found
a malicious application that affects Android smartphones. The app is
actually an Internet Relay Chat bot that runs automated tasks over the
internet. This is in fact the first such app found on Android and it
comes in the guise of the popular Madden NFL 12 game.
When an Android smartphone user downloads and installs the popular
game or application from lesser-known third party app stores, the IRC
bot quietly gets installed in the device.
Maslennikov explains that after the app is installed, the malware,
disguised as Madden NFL 12, aims to take complete control of the device.
Once the malware gets root (administrator level) access, the IRC bot
gets installed along with an SMS
Trojan. The root access allows the attacker to control the smartphone
remotely and send an SMS to a premium rate number and thereby increase
cost for the user.
All this is in the background and the user has no clue of what is
happening to the credit balance. The premium rate numbers are usually
international numbers, hence SMSes to these numbers cost a lot.
The IRC bot connects to any random remote IRC server with a random
nickname. Once connected, the IRC bot becomes capable of receiving shell
commands to perform specific functions on the device. In this entire
attack, the malicious app needs to gain root access to perform nefarious
tasks. If your device is not rooted, or if it is rooted through proper
methods, there is nothing to worry about.
As always, users are recommended to download apps only from reputed
and verified app stores such as Android Market, Amazon App Store and
Getjar. Applications from an unknown location can prove to be dangerous.
Needless to say, this premise depends on one thing — if the phone is
rooted and that with an outdated code. Unless you are an advanced user
we recommend not rooting the smartphone© 2010-2012 The Little Ganesha® All Rights Reserved.
Subscribe in a reader
No comments:
Post a Comment