The first text message-based Trojan to infect smartphones running Google’s Android operating system has been detected in the wild.
Trojan-SMS.AndroidOS.FakePlayer-A poses as a harmless media player application and has already infected a number of mobile devices, Russian security firm Kaspersky Lab warns. Prospective marks are prompted to install a “media player file” of just over 13 KB with the standard Android .APK extension.
Once installed, the Trojan begins sending SMS messages to premium-rate numbers without the owner’s knowledge or consent, as explained in a technical write-up by computer security researcher Jon Oberheide here. Victims wind up with a huge bill while the cybercrooks behind the scheme earn a slice of the income. The scam has only affected Android smartphone users in Russia.
In a statement, Google said it existing permission controls guard against this type of type, which only exist for applications published outside the Android Marketplace.
Read more here.
