We continue to talk about Android malware today – after seeing not one, but two reports in recent days detailing malware expectations in the mobile worlds for 2013, but also after hearing about the Samsung Exynos exploit that could make things easier for malicious apps.
This time around we’re looking at an article posted on the blog of security firm Lookout about a newly discovered SMS spamming botnet. Called SpamSoldier, the spammer botnet “uses infected phones to send a barrage of SMS spam messages without the user’s consent.” Here are some text examples:
As you can see, Android users are also targeted by the botnet, which itself is spreading via such SMS messages. Thinking they get deals on certain apps, users click on links provided in such messages at which point the malicious apps installs itself on the smartphone, deletes it tracks and starts, well, doing its job: sending SMS messages.
Once installed, the app spams 100 U.S. phone numbers at a time. When it’s done with each batch it reloads with another fresh set. Meanwhile users don’t know what’s happening as the app deletes outgoing messages and intercepts any SMS replies to the messages it sends.
So far, the impact is seen as “limited,” but while detections “remain low,” Lookout has observed “instances on all major U.S. carriers.” Obviously, Lookout says its own app detects the threat, both the Free and Premium versions.
Has anyone been affected by such a malicious app? How did you discover it?
Like this post? Share it!
I got a sms that I entered a contest. Called Bestbuycontest.com which I never did entered. lol
Got that one on black Friday as did my wife. Both on our old non-android flip phones. Didn’t even know those ones had text services. Since we don’t use text or Web with those phones and almost no one has the numbers, we believe they were targeting blocks of cell numbers.
Best buy give something away for free? Yeah right!
I got the same one but I immediatly knew it was mallicous
I’ve been on the receiving end of multiple of these texts. It’s unfortunate, but it happens. Obviously, replying “Stop” doesn’t do squat like other normal spam sms-type services.
The Android from Google is among one of the best and extremely in need solution at present. Along with the entry of a number of smart products.
These people that makes this kind of stuff are very smart, so why waste it on ruining peoples electronics?