New Android Malware Steals Your Money Via SMSBy: Zach Walton - August 20, 2012
Android is an incredibly open system. For the most part, that’s a very good thing. Sometimes, however, it can be a very bad thing. For instance, malware is easier to spread across Android devices due to its open nature. Unfortunately, a new and powerful piece of malware is making its way around the Android ecosystem.
TrustGo Security recently stumbled upon a new piece of malware that can take control of your phone to make unauthorized payments, steal bank card numbers and more. They call it Trojan!SMSZombie.A and it’s a doozy. The good news is that it’s currently only infecting users in China, but the bad news is that it could make it’s way over here at any time.
The team at TrustGo has found the malware to be hosted on various apps at GFan, China’s largest mobile app marketplace. The nasty piece of software can be found hiding in provocative wallpaper apps. It’s an easy sell since nothing attracts downloads like pictures of models and their ilk.
What’s worse is that the malware in question refuses to say no. Upon installing, the app will ask for various permissions. You can hit cancel but it will just reload the permissions page once again. In other words, it forces users to accept the terms of their infection.
After it’s been installed, the malware will intercept and forward SMS messages on your behalf. This is a much bigger deal in China as users send money via SMS. It’s still something to be wary of even here in the U.S. as SMS often contains private info that third parties should not have access to.
For now, the malware can only be manually removed. Fortunately, the guys at TrustGo have a handy guide that will show you how to remove it. They’re also working on an automatic removal process for the next update to their app.
Once again, this virus is currently only ravaging Chinese Android phones, but that doesn’t mean people in other countries are immune. It could just as easily find its way into the many third-party app stores out there. That’s why it’s recommended to only download apps from Google Play. Google has software that scans apps throughout Google Play to make sure they’re virus free.
If all else fails, only download apps from developers you can trust. I know it’s hard to resist the provocative wallpaper app, but there are plenty of those from trusted developers.