Fake Adult Webpage Delivers Android SMS Trojan

android Chinese trojan

Security researchers at Zscalar has identified a fake adult webpage that prompts users to download a malicious app in order to get access to the content.    

Once the victim downloads and installs the app, it subscribes the victim to the services offering adult content or on-demand videos. According to the researchers, the malicious app has the ability to send premium rate messages and intercept user messages that allows hackers to validate the subscriptions.

Malware payload.

"The malware also leverages the International Mobile Subscriber Identity (IMSI) property for determining the location of the device, as well as service provider information," researchers added.

Upon successful infection, the following app icon is visible to the end user on their mobile phone:

Since the app name is dynamically generated for each victims, detecting and blocking an app using the name wont stop the attack.

If you want to be protected against these kinds of malware attacks, do not download or install apps from third party app stores. Use Google Play and Amazon Appstore to download apps.

If you want more technical information about this story, feel free to visit Zscalar blog.

No comments

Powered by Blogger.