TrustGo Security Labs recently uncovered new malware called SMSZombie, which can be found in several Chinese Android markets.
“The malware poses as ‘wallpaper’ applications featuring racy titles and nude photos,” writes The Register’s John Leyden. “Users who install these dodgy apps get infected. Disinfecting devices is a tricky process because the malware disables users’ ability to simply delete it, TrustGo warns.”
“SMSZombie is designed to steal money from users by sending SMS payments to the attackers,” writes Threatpost’s Dennis Fisher. “The malware has the ability to send payments without the user’s knowledge and can send them at random intervals and for whatever amount the attacker chooses. SMSZombie includes a configuration file that the attacker can update remotely, as well.”
“Infected apps [have] been located in GFan, one of China’s most prominent app stores, among other places and [are] said to have infected more than more than 500,000 users to date,” writes The Next Web’s Jon Russell.
“The creators of the malware were canny enough to build a potent virus which avoided any detection by running in complete stealth mode,” The Droid Guy reports.
“By waiting to deliver malicious code until after installation, this virus is difficult to detect,” TrustGo CEO Xuyang Li said in a statement. “Sophisticated malware like this highlights the fact that the openness of the Android platform is a double-edged sword… Users are able to access an amazing breadth and variety of apps, but must take precautions to ensure the apps they want have not been compromised by hackers.”