F-Secure: Android SMS dialler uses obfuscation

A piece of Android malware that sends premium rate text messages uses code embedded in a picture file to hide its function from security researchers and the Android app store, according to security company F-Secure.The malware, which F-Secure has called 'Trojan:Android/FakeRegSMS.

A piece of Android malware that sends premium rate text messages uses code embedded in a picture file to hide its function from security researchers and the Android app store, according to security company F-Secure.

The malware, which F-Secure has called 'Trojan:Android/FakeRegSMS.B', hides code in a PNG file that supports the malware's function of sending premium rate SMS texts, F-Secure said in a blog post on Monday.

"This is an example of obfuscation automatic and human analysis wouldn't look at," F-Secure security advisor Sean Sullivan told ZDNet UK on Monday. "This is the first example of this our analysts have seen."

The purpose of the obfuscation was to try to avoid Android app store security measures, and phone antivirus products, said Sullivan.

Last year companies began to see an increase in the amount of Android malware. Malicious Android apps doubled in six months in 2011, according to ZDNet UK sister site CNET News.

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All