from www.itwire.com – According to Kaspersky Lab, the latest Trojan, called SMS.AndroidOS.FakePlayer.b, appears to be a media player to the soon-to-be-infected phone user. At 16.4KB, though, it would have to be a remarkably compact piece of software.
Delivery of the malware is the amusing part of this tale.
Should an Android-based phone owner be unwise enough to search for pornographic videos, they might find that a variety of Russian-language sites appear at the top of the search results.
According to Kaspersky’s report on the new malware, “the owners of these adult content sites are deliberately prompting Android users to download the new Trojan, while users of other platforms receive the desired content.”
Unlike many Windows-targeted viruses and trojans, which can infect a machine merely through a visit to a loaded web site, the Trojan-SMS must be manually installed by the user. The package, called porkplayer.apk, is (supposedly) required to view the adult content videos.
During the installation process, the software requests permission to send SMS messages, something that ought to seem odd to anyone installing a media player.
Once the user launches the fake application, Trojan SMS.AndroidOS.FakePlayer.b begins sending SMS messages to a premium rate number without the user’s knowledge. The messages cost $6 each, resulting in hefty sums being transferred from the user’s account to that of the cybercriminals.
“Android users should pay close attention to the services that an application seeks permission to access,” said Denis Maslennikov, Mobile Research Group Manager at Kaspersky Lab. “Automatically permitting a new application to access every service that it says it needs to means you could end up with malicious or unwanted applications doing all sorts of things without requesting any additional information.”
The Android platform is rapidly becoming a target for malware authors as it is expected to become very dominant. Both IDC and Gartner anticipate it becoming the leading smartphone operating system over the next few years.
from www.forbes.com – When Steve Jobs said that Android’s porn-friendly app strategy was “a place we don’t want to go,” he may have been exercising good judgement, if not for prudish reasons, then to avoid the unsavory characters that use those apps as bait.
On Wednesday, Kaspersky researcher Denis Maslennikov wrote in his blog that a variant of the Android-focused Trojan he found last month is now being distributed in search results for Russian adult content and boosted to higher prominence with search optimization techniques.
One of those results prompts users to download a fake porn player linked in those results, which then sends text messages to premium rate numbers that charge $6 each.
The fake porn player isn’t being distributed in Google’s official Android app market, only via the Web on the Russian porn site whose URL Kaspersky has asked me not to share. But like any Android app, the player is still required to ask permission before accessing a phone’s capabilities. And Maslennikov reminds users that they should be especially careful when downloading any app that asks for authorizations that seem inappropriate. “This should serve as an immediate warning, especially since media players should not require access and permission to send SMS messages,” he writes.
Google can expect this sort of problem to grow, not just because its app strategy is far more open than Apple’s iOS, but also because it will have a much larger market share to tempt cybercriminals. A note to investors from PiperJaffray yesterday predicted that Android will control half the mobile market in five years.
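The permission check both articles recommend can be automated for sideloaded packages. The following is an added example, not code from Kaspersky or either article: it reads a manifest already decoded to text XML (for instance with apktool) and flags permissions a media player should not need. The baseline list, the sample manifests and the package names are constructed assumptions.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Real Android permission names that can cost the user money.
BILLABLE = {
    "android.permission.SEND_SMS": "can send SMS, including to premium-rate numbers",
    "android.permission.CALL_PHONE": "can place calls without user confirmation",
}

# Assumption for this example: what a plain media player plausibly needs.
MEDIA_PLAYER_BASELINE = {
    "android.permission.INTERNET",
    "android.permission.WAKE_LOCK",
    "android.permission.READ_EXTERNAL_STORAGE",
}

def requested_permissions(manifest_xml):
    """Return the set of permission names declared via <uses-permission>."""
    root = ET.fromstring(manifest_xml)  # raises ET.ParseError on malformed XML
    names = (el.get(ANDROID_NS + "name") for el in root.iter("uses-permission"))
    return {n for n in names if n}

def review(manifest_xml, baseline=MEDIA_PLAYER_BASELINE):
    """List (severity, permission, reason) for every permission outside the baseline."""
    findings = []
    for perm in sorted(requested_permissions(manifest_xml) - baseline):
        if perm in BILLABLE:
            findings.append(("high", perm, BILLABLE[perm]))
        else:
            findings.append(("review", perm, "not expected for a media player"))
    return findings

# Constructed sample manifests (not taken from the real Trojan).
FAKE_PLAYER = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="org.example.fakeplayer">
  <uses-permission android:name="android.permission.SEND_SMS"/>
  <uses-permission android:name="android.permission.RECEIVE_SMS"/>
  <application android:label="Media Player"/>
</manifest>"""

BENIGN_PLAYER = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="org.example.player">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.WAKE_LOCK"/>
</manifest>"""

if __name__ == "__main__":
    for severity, perm, reason in review(FAKE_PLAYER):
        print(f"[{severity}] {perm}: {reason}")
```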
