Worm-like Android malware spreads via text messages
Samsapo uses a worm-like characteristic to spread to other Android devices
IDG News Service - A piece of malware targeting Russian-speaking Android users abuses a person's contact list to try and infect other devices, according to security vendor Eset.
The malware, call "Android/Samsapo.A" can download other malicious files to a phone, steal personal information from a device such as text messages and block phone calls, wrote Robert Lipovsky, an Eset malware researcher. The malware uploads data to a domain that was registered about a week ago.
Samsapo spreads by sending text messages from an infected device to other people in the victim's contact list, a worm-like characteristic that has been used by other mobile malware programs.
The text message says "Is this your photo?" in Russian and has a link to an AndroidA application package (.APK)A file containing a copy of Samsapo.
"This technique wouldnt raise an eyebrow on Windows, but is rather novel on Android," Lipovsky wrote.
The APK file name makes it appear as a system utility: "com.android.tools.system v1.0." The program doesn't have a graphical user interface nor an icon in the application drawer, Lipovsky wrote.
Android will warn users when downloading applications from unknown sources. Google scans its Play store for malicious applications, which reduces the chance a user will download a malicious one.
Security experts generally recommend not downloading Android applications from third-party websites, as even legitimate looking applications may have been maliciously modified. Also, applications that ask for permissions such as reading and writing text messages should be viewed with caution.
Send news tips and comments to firstname.lastname@example.org. Follow me on Twitter: @jeremy_kirk
- Deep Security +VMware vSphere with Operations Management Most midsize organizations are highly virtualized on VMware, and while this has produced significant savings, it also has created new challenges when it...
- 3 Questions to Ask Your DNS Host about Lowering DDoS Risks Neustar has had wide-ranging conversations with clients wanting to know how they can optimize protection as DDoS attacks increase in frequency and size.
- The Danger Deepens: 2014 Neustar Annual DDoS Attacks and Impact Report This report compares DDoS findings from 2013 to 2012, based on a survey of 440 North American companies, including 139 businesses delivering technology...
- DDoS Infographic: How Are Attacks Evolving? For the third consecutive year, Neustar surveyed businesses across major industries to track the evolution of DDoS attacks. Are they more frequent? Larger?...
- How to Use Crowd-Sourced Threat Intelligence to Stop Malware in its Tracks Threat sharing networks have been around for a long time, however they have typically been "invitation-only", available to only large companies, or those...
- An Incident Response Playbook: From Monitoring to Operations As cyber-attacks grow more sophisticated, many organizations are investing more into incident detection and response capabilities. In this webcast, learn how to develop... All Malware and Vulnerabilities White Papers | Webcasts