Skip to content

First Widespread Android Trojan Loose in the Wild (UPDATED)

Honeymoon’s over, everyone: antiviral watchdog Kaspersky has spotted Android’s first, SMS-based trojan making the rounds in Russia. The devious little MS.AndroidOS.FakePlayer.a masks itself as a media player before invisibly shooting out expensive texts to premium numbers, earning cash for fraudsters.

Isolated instances of Android spyware were reported last year, but this infection marks the first significant sighting of malware on the platform. Kaspersky urges that “users pay close attention to the services that an application requests access to when it is being installed. That includes access to premium rate services that charge to send SMSs and make calls.”

UPDATE: We’ve received Google’s side of the story from a spokesperson there, who says:

“Our application permissions model protects against this type of threat. When installing an application, users see a screen that explains clearly what information and system resources the application has permission to access, such as a user’s phone number or sending an SMS. Users must explicitly approve this access in order to continue with the installation, and they may uninstall applications at any time. We consistently advise users to only install apps they trust. In particular, users should exercise caution when installing applications outside of Android Market.”

So, the trojan app’s fraudulent features must be consented to in some sense, though their malicious intent can’t be discerned from permissions requests alone. If it looks fishy that a media player would need SMS functionality, then maybe it is. Still, this ushers in new level of necessary caution when downloading Android apps. [Kaspersky Lab via The Register]

Daily Newsletter

Get the best tech, science, and culture news in your inbox daily.

News from the future, delivered to your present.

Please select your desired newsletters and submit your email to upgrade your inbox.

You May Also Like

  翻译: