Fake 'Roar of the Pharaoh' Android game spreads premium-rate SMS trojan

Summary: Security researchers from Sophos have spotted a bogus Chinese game that is actually a trojan horse, which gathers sensitive information from infected devices and sends premium-rate SMS messages.

Security researchers from Sophos have spotted a bogus Chinese game that is actually a trojan horse, which gathers sensitive information from infected devices and sends premium-rate SMS messages to multiple providers.

Once installed, the trojan horse harvests the following information from the infected device: IMEI, IMSI, phone model, screen size, platform, phone number, and OS version. It then forwards this data to the attackers operating it.

According to the vendor, the malware masquerades as a service called "GameUpdateService", a name that sounds like it belongs to a legitimate application. This is another indication of the campaign's social engineering element, alongside the brand-jacking of a legitimate game's name.

The malicious application is currently detected as Andr/Stiniter-A.
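A defender's triage of this pattern, as an added example that is not from Sophos or the original article: the script reads an AndroidManifest.xml already decoded to text (for example with apktool) and flags an app that requests SMS-sending and phone-state permissions while declaring a background service. The package name and both sample manifests are constructed, and the permission-to-behaviour mapping is this example's assumption, since the article does not list the trojan's permissions.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"
# Android permissions required for the behaviours the article describes
# (assumed mapping; the article does not list the trojan's permissions).
BEHAVIOUR_PERMS = {
    "android.permission.SEND_SMS": "can send SMS (premium-rate abuse)",
    "android.permission.READ_PHONE_STATE": "can read IMEI/IMSI/phone number",
}
# Service name reported in the article; a name match alone is weak evidence.
WATCHED_SERVICES = {"GameUpdateService"}

def triage_manifest(xml_text):
    """Return (findings, suspicious) for a text-form AndroidManifest.xml."""
    root = ET.fromstring(xml_text)
    perms = {e.get(ANDROID + "name") for e in root.iter("uses-permission")}
    services = [e.get(ANDROID + "name", "") for e in root.iter("service")]
    findings = [f"{p}: {why}" for p, why in BEHAVIOUR_PERMS.items() if p in perms]
    for name in services:
        # Names may be relative (".Foo") or fully qualified ("pkg.Foo").
        if name.rsplit(".", 1)[-1] in WATCHED_SERVICES:
            findings.append(f"service {name}: matches reported trojan service name")
    # Escalate only when SMS sending and identifier access appear together
    # in an app that also runs a background service.
    suspicious = set(BEHAVIOUR_PERMS) <= perms and bool(services)
    return findings, suspicious

# Constructed sample: a "game" with the permission/service mix described above.
TROJANISED = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.fakegame">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.SEND_SMS"/>
  <uses-permission android:name="android.permission.READ_PHONE_STATE"/>
  <application><service android:name=".GameUpdateService"/></application>
</manifest>"""

# Constructed sample: a game that only needs network access.
BENIGN = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.puzzle">
  <uses-permission android:name="android.permission.INTERNET"/>
  <application/>
</manifest>"""

if __name__ == "__main__":
    for label, manifest in (("trojanised", TROJANISED), ("benign", BENIGN)):
        findings, suspicious = triage_manifest(manifest)
        print(label, "SUSPICIOUS" if suspicious else "ok")
        for line in findings:
            print("  -", line)
```

A hit is a reason to inspect the app further, not a verdict: legitimate apps also request these permissions, so the combination matters more than any single finding.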

With independent third-party reports indicating massive growth in the production and distribution of mobile malware targeting the Android OS, brand-jacking a legitimate game is one of the many tactics available to an attacker looking for new and flexible ways to spread a malicious application.

Topics: Mobility, Malware, Security

About

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, and cybercrime incident response. He's been an active security blogger since 2007, and maintains a popular security blog sharing real-time threats intelligence data with the rest of the community...
