Android malware utilising Google Cloud Messaging service

Summary:Kaspersky Lab claims it has found Android malware making use of an Android app messaging service.

Once you have a piece of malware sitting in the Google Play store, it would be remiss not to use the services available in the Android ecosystem to aid your nefarious activities.

Kaspersky Lab researchers said today that they have found a piece of malware that is using Google Cloud Messaging (GCM) as a replacement for command and control servers and services.

"This makes it quicker and cheaper to manage infected Android devices, simply by registering on the Google service," Kaspersky said in a statement.

The company has found a number of malware samples that use GCM, with one, dubbed Trojan-SMS.AndroidOS.OpFake.a being able to send text messages, steal messages and contacts, create shortcuts to sites, and show notifications that advertise other pieces of malware.

"It would be strange if virus writers were not taking advantage of the opportunities offered by this service," said Roman Unuchek, senior malware analyst at Kaspersky Lab.

"The only way to block these channels of communication between the virus writers and their malware is to block the accounts of those developers whose IDs are used when registering malicious programs. We have informed Google about the detected GCM-ID, which are used in malware."

Kaspersky Lab admits that while the number of malware apps using GCM is low, some are widespread in Asia, Western Europe, and former Soviet bloc countries.

While Android is dominating the number of handsets sold across the world, it also claims the highest number of malware apps available.

Two recent reports have said that malware rates on Android are increasing . In one study, the headline number was a six-fold increase from March to June this year.

Topics: Security, Android

About

Chris started his journalistic adventure in 2006 as the Editor of Builder AU after originally joining CBS as a programmer. After a Canadian sojourn, he returned in 2011 as the Editor of TechRepublic Australia, and is now the Australian Editor of ZDNet.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.