Android Malware Poses as Angry Birds Space App
The Trojan connects to a remote Web site to download and install additional malware on the victim's device.
"The Trojan horse, which Sophos detects as Andr/KongFu-L, appears to be a fully-functional version of the popular smartphone game, but uses the GingerBreak exploit to gain root access to the device, and install malicious code," writes Sophos' Graham Cluley. "The Trojan communicates with a remote website in an attempt to download and install further malware onto the compromised Android smartphone."
"The compromised device is then at the mercy of the crooks behind the malware, and is now effectively part of a botnet," writes Help Net Security's Zeljka Zorz. "The criminals can make it download any additional packet they want or make the browser surf to any webpage they choose."
"Angry Birds Space, designed by Rovio, reached 10 million downloads in three days, and 20 million downloads within a week, according to Rovio," notes PCMag.com's Mark Hachman.
"This is just the latest example highlighting the need for smartphone users to be careful about where they get their apps," notes The Washington Post's Hayley Tsukayama. "Before downloading an app, always take a couple of seconds to research the app’s publisher and read the reviews before installing it on your phone. Also, be sure to read the permissions on an app before you download it. If there’s something you’re not comfortable with in the permissions, it’s probably not worth downloading."