Android malware utilising Google Cloud Messaging service

Summary: Kaspersky Lab claims it has found Android malware making use of an Android app messaging service.

TOPICS: Security, Android

Once you have a piece of malware sitting in the Google Play store, it would be remiss not to use the services available in the Android ecosystem to aid your nefarious activities.

Kaspersky Lab researchers said today that they have found a piece of malware that is using Google Cloud Messaging (GCM) as a replacement for command and control servers and services.

"This makes it quicker and cheaper to manage infected Android devices, simply by registering on the Google service," Kaspersky said in a statement.

The company has found a number of malware samples that use GCM, with one, dubbed Trojan-SMS.AndroidOS.OpFake.a, being able to send text messages, steal messages and contacts, create shortcuts to sites, and show notifications that advertise other pieces of malware.

"It would be strange if virus writers were not taking advantage of the opportunities offered by this service," said Roman Unuchek, senior malware analyst at Kaspersky Lab.

"The only way to block these channels of communication between the virus writers and their malware is to block the accounts of those developers whose IDs are used when registering malicious programs. We have informed Google about the detected GCM-ID, which are used in malware."
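For defenders triaging apps, the combination described above (a GCM push channel plus SMS, contact and shortcut capabilities) can be checked in a decoded `AndroidManifest.xml`. The following is an added example, not code from Kaspersky Lab or the article; the capability-to-permission mapping, the threshold and both sample manifests are constructed assumptions, and a match only means the app deserves manual review.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
GCM_RECEIVE = "com.google.android.c2dm.permission.RECEIVE"  # needed to receive GCM pushes

# Capabilities the article lists, mapped to the Android permissions that
# enable them (the mapping is this example's assumption, not Kaspersky's).
CAPABILITY_PERMS = {
    "send SMS": {"android.permission.SEND_SMS"},
    "read SMS": {"android.permission.READ_SMS", "android.permission.RECEIVE_SMS"},
    "read contacts": {"android.permission.READ_CONTACTS"},
    "create shortcuts": {"com.android.launcher.permission.INSTALL_SHORTCUT"},
}

# Constructed sample manifests (decoded XML, as a tool such as apktool emits).
SUSPECT_MANIFEST = """<manifest
    xmlns:android="http://schemas.android.com/apk/res/android" package="com.example.constructed">
  <uses-permission android:name="com.google.android.c2dm.permission.RECEIVE"/>
  <uses-permission android:name="android.permission.SEND_SMS"/>
  <uses-permission android:name="android.permission.READ_SMS"/>
  <uses-permission android:name="android.permission.READ_CONTACTS"/>
  <uses-permission android:name="android.permission.INTERNET"/>
</manifest>"""
PUSH_ONLY_MANIFEST = """<manifest
    xmlns:android="http://schemas.android.com/apk/res/android" package="com.example.pushonly">
  <uses-permission android:name="com.google.android.c2dm.permission.RECEIVE"/>
  <uses-permission android:name="android.permission.INTERNET"/>
</manifest>"""

def requested_permissions(manifest_xml):
    """Return the set of permission names declared via <uses-permission>."""
    root = ET.fromstring(manifest_xml)
    return {el.get(ANDROID_NS + "name") for el in root.iter("uses-permission")} - {None}

def triage(manifest_xml, threshold=2):
    """Flag apps that pair a GCM channel with several sensitive capabilities."""
    perms = requested_permissions(manifest_xml)
    hits = sorted(cap for cap, needed in CAPABILITY_PERMS.items() if perms & needed)
    uses_gcm = GCM_RECEIVE in perms
    # GCM alone is normal; the pairing with SMS/contact access is what merits review.
    return {"uses_gcm": uses_gcm, "capabilities": hits,
            "review": uses_gcm and len(hits) >= threshold}
```

Many legitimate apps use GCM, so the push permission on its own is never treated as a signal here.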

Kaspersky Lab admits that while the number of malware apps using GCM is low, some are widespread in Asia, Western Europe, and former Soviet bloc countries.

While Android is dominating the number of handsets sold across the world, it also claims the highest number of malware apps available.

Two recent reports have said that malware rates on Android are increasing. In one study, the headline number was a six-fold increase from March to June this year.

Chris started his journalistic adventure in 2006 as the Editor of Builder AU after originally joining CBS as a programmer. After a Canadian sojourn, he returned in 2011 as the Editor of TechRepublic Australia, and is now the Australian Editor of ZDNet.

  • Telcos must dump android

    Security issue after security issue....average user has no clue how dangerous android is. Service providers must dump android and need to promote other platforms.
    • Open wins!

      For Malware developers. It now appears that Google is giving hackers a secure channel to control their new mobile bot nets.

      Money Quote: "Unlike a send-to-sync message, every 'message with payload' (non-collapsible message) is delivered. The payload the message contains can be up to 4kb."

      But wait, there's more! "GCM's Cloud Connection Service (CCS) lets you communicate with Android devices over a persistent XMPP connection. The primary advantages of CCS are speed, and the ability to receive upstream messages (that is, messages from a device to the cloud)."

      So, not only can you send executable code to your app on an infected Android device on the fly. But your app can also return data to your server from the device.
      • Android

        I actually hope that this malware spreads so fast that consumers get a wakeup call. This android malady will destroy the Samsung, HTC and Google brand. But then again, they don't's cheap and consumers love it.
        Dreyer Smit
        • More BS

          Was windows killed off by malware? Based on the fact it's the OS that has attracted more malware and viruses (yes, real viruses) than any other. I presume dell can't sell computers because of windows malware?

          Stop talking BS and join the real world. Just to return the favour, I hope whatever OS you're using gets badly hacked and you lose everything. Fair's fair.
          Little Old Man
          • It's certainly one reason PC sales have slumped.

            One factor for the iPad's success is the fact that it can do a lot of "casual computing" most people want with none of the hassles of traditional "full-blown" PCs, especially Windows with its malware risks.
    • Dump windows.

      Security issue after security issue.... average user has no clue how dangerous Windows is. Companies must dump Windows and need to promote other platforms.

      There. Fixed that for you.
      • Right, Jesse

        Don't deny he's right, don't even acknowledge that there is a serious malware issue with Android right now, just try to change the subject, throw in some misdirection
        William Farrel
  • Another report from another security company

    Just possibilities, still no reports of massive cases of a real infection.
    It's strange that with billions of mobile devices in the wild, reports of infection cases are so rare - android, blackberry, windows phone, iOS, ... nothing...
    • There's always some idiots that believe it

      Oh look, some of them were the first to comment on the story.

      Theoretical malware or proven real-world exploits doing damage everyday. By that standard, why haven't we dumped windows?
      Little Old Man
      • Theoretical malware is good enough a reason

        for these people to bash Windows, so why isn't that a good enough reason to bash Android?
        William Farrel
    • So you are saying not to worry until there is a massive world wide outbreak

      Good to know everyone need not worry until there is a massive outbreak proven right?

      Well at least blackberry, iOS and windows have a decent framework for pushing out updates when the need arises. Android not so much.

      Every other week there is a new attack vector opened up in Android. Most of which can NEVER be fixed, because there is no way to deliver updates to nearly every Android device in use.

      Every security report published shows that Android dominates malware problems in the mobile area by roughly 95% of the total problems found. Let's be honest, Google just doesn't put enough effort into making Android a secure platform. In order to do that they would need some level of control taken back, but good luck putting the cat back into the bag.
      • People should always be worried with safety

        But these sort of reports are BS until proved to have foundations.
        Someone at computerworld wrote a very interesting article about these reports - but I'm feeling too lazy to go find it.