SMS-Sending Trojan Targets Android Smartphones

Security researchers at Kaspersky Lab say they’ve found the first SMS Trojan targeting mobile devices running the Android mobile operating system in Russia.

Dubbed Trojan-SMS.AndroidOS.FakePlayer.a, the malicious code disguises itself as an innocuous-looking “Movie Player” application for viewing media content on the mobile device.

However, once users voluntarily agree to install the app, the Trojan proceeds to send SMS messages to premium-rate numbers charging several dollars per message without the smartphone owner’s knowledge or consent.

Thus far, according to an alert on the Kaspersky website, the Trojan has only affected Android smartphone users in Russia subscribing to Russian wireless networks. It’s not been found in the Android Market application store either, though Android’s growing popularity makes it a likely target of malware distributors.

“The IT market research and analysis organization IDC has noted that those selling devices running Android are experiencing the highest growth in sales among smartphone manufacturers,” Denis Maslennikov, Kaspersky Lab’s mobile research group manager, said in the advisory. “As a result, we can expect to see a corresponding rise in the amount of malware targeting that platform.”

Security pundits at last month’s Black Hat security conference in Las Vegas spoke at length about a variety of security vulnerabilities that hackers were exploiting in both Android and iPhone devices.

In October, Google (NASDAQ: GOOG) issued a couple of patches for version 1.5 of its mobile operating system to resolve two vulnerabilities that could have led to denial-of-service (DoS) attacks.

Google officials were not immediately available to comment on the SMS-sending Trojan found in Russia, but a spokesperson told the New York Times: “We consistently advise users to only install apps they trust. In particular, users should exercise caution when installing applications outside of Android Market.”

It’s worth noting that the bogus application does list “Services that cost you money (send SMS messages)” as one of the required permissions prior to installation, so users are at least alerted to the fact that installing this particular app — even though it’s not the application they think they’re getting — could result in text-messaging charges.

Kaspersky Lab security experts advise Android smartphone users to pay close attention to the services that new applications request to access at the time of installation, as well as their wireless service bills and accounts.

Larry Barrett is a senior editor at, the news service of, the network for technology professionals.

Larry Barrett
Larry Barrett is an eSecurity Planet contributor.

Top Products

Related articles