October 13, 2011
Security Alert: First Android SMS Trojan Found in the Wild
UPDATE: Lookout has pushed an over-the-air (OTA) update to automatically protect all Lookout Android users from this newly reported Trojan. If you already have Lookout installed, the update will be automatically pushed down to your device. Today, Kaspersky Labs reported the first SMS Trojan that infects Android smartphones.
The Trojan is hidden inside an application called "Movie Player." Users are prompted to install an application that looks like a media player of just over 13KB to their phone from a website. Take note that the app does list “Services that cost you money (send SMS messages)” as one of the required permissions prior to installation.How it Works: Once installed, the Trojan proceeds to send SMS messages to premium-rate numbers charging several dollars per message without the owner’s knowledge or consent.Phones it Affects: So far this has only affected Android smartphone users in Russia and only works on Russian networks. As far as we know, there is no indication that this app is in the Android Market.
How to tell if you’re affected
- Review your phone bill for any premium SMS messages you did not send
- If you have recently downloaded a media player, check the permissions to ensure it does not have the ability to send SMS messages. (Go to Settings, Applications, Manage Applications)
How to stay safe
- Only download applications from trusted sources. Remember to look at reviews and star ratings.
- Always check the permissions an app is requesting when downloading apps. Use common sense to ensure that the permissions match the type of app you are downloading.
- Download a mobile security app for your phone that scans every app you download.
As we’ve previously noted, with the discovery of this new Android Trojan, it is more important than ever to pay attention to what you’re downloading. This Movie Player app directly lists permissions to access "Services that cost you money" before you install. Stay alert to ensure that you trust every app you download and stay tuned for more details on this threat.
Book a personalized, no-pressure demo today to learn:
- How adversaries are leveraging avenues outside traditional email to conduct phishing on iOS and Android devices
- Real-world examples of phishing and app threats that have compromised organizations
- How an integrated endpoint-to-cloud security platform can detect threats and protect your organization