New contacts stealing Android malware spotted in the wild

Summary:Security researchers from NQ Mobile’s Security Research Center have detected a new Android malware that silently steals the contacts of infected devices, and sends them back to the malicious attackers.

Security researchers from NQ Mobile’s Security Research Center have detected a new Android malware that silently steals the contacts of infected devices, and sends them back to the malicious attackers.

The malware, dubbed FireLeaker, accesses the device's system database file, retrieves data such as phone numbers, the phone's IMEI, as well as related emails, and silently uploads it to a web server managed by the cybercriminals behind it.

Why would a cybercriminal want to harvest a mobile device's contact list? Because that's how they set up for the foundations for an upcoming SMS spam campaign. Next to personally using the stolen data for sending SMS spam, they will also sell access to the database, which will be later on incorporated in managed SMS spam service, offering the ability to send SMS spam using an already harvested database of mobile numbers.

Find out more about Dancho Danchev at his LinkedIn profile.

Topics: Security

About

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, and cybercrime incident response. He's been an active security blogger since 2007, and maintains a popular security blog sharing real-time threats intelligence data with the rest of the community... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.