October 24, 2014

Android's First SMS Trojan is in the Wild

toplogo

Kaspersky Lab has announced that they have identified Android’s first  Trojan-SMS malware, which they’ve named Trojan-SMS.AndroidOS.FakePlayer.a. Disguised as a simple media player, it has already infected an unknown number of mobile devices. From there, it starts sending text messages that cost the user money. Currently, only those on certain Russian networks are susceptible to losing money, any Android device can be infected if the user installs the fake media player. While not available in Google’s Android Market, this malware is “in the wild” and available for download, though exact sources are not known at this time. The signature of this Trojan-SMS program has been added to Kaspersky Lab’s database, which, conveniently, will be available as a product for Android users soon.

With Nielsen’s report that Android outsold iPhone last quarter, we can only expect Android to be a target of these types of programs, so be careful about what you download and install on your phone. This malware underlines how functional Android’s security model really is: if that new media player you find floating around requests permission to send SMS messages, it’s probably not a good idea to install it!