First SMS trojan for Android detected

Security specialist Kaspersky is reporting that it has detected the first SMS trojan for Android. Once installed, the malware masquerades as a media player and secretly sends out SMS messages to premium rate numbers. The trojan, called Trojan-SMS.AndroidOS.FakePlayer.a, is disseminated as an individual, 13-Kbyte .apk file rather than via the Android Market – some user interaction is required to inject it into a system.

Initially, the user's settings must allow the installation of software from unknown sources – this option is disabled by default. Secondly, the user has to confirm the access rights to resources and data requested by the app during installation – and a media player requesting the right to send SMS messages should make users suspicious. However, these prerequisites don't necessarily represent insurmountable obstacles for a trojan, especially if users think they are installing a particularly fantastic 'must have' application.

Kaspersky doesn't say which web pages offer the bogus media player to download, nor does the vendor give any actual distribution figures or regional information.

However, SMS trojans and other malicious Android programs aren't an entirely new idea. Sporadic SMS trojans have been making the rounds on Symbian smartphones for quite a while, and Android has already been plagued by spyware and online banking trojans before. Instead of installing a virus scanner on their smartphones, users should be cautious when presented with overly promising applications. Speaking of caution: According to a survey conducted by Kaspersky, 36% of smartphone users consider mobile internet services more dangerous than surfing on a PC, and 38% use their mobile to go online at least once a day.

(crve)