Security researchers from Sophos, have spotted a bogus Chinese game, that's actually a trojan horse gathering sensitive information from infected devices, next to sending premium-rate SMS messages to multiple providers.
Once installed, the trojan horse will harvest the following information from the infected device (IMEI, IMSI, phone model, screen size, platform, phone number, and OS version), and will forward it to the malicious attackers operating it.
According to the vendor, the malware masquerades as a service called "GameUpdateService", which sounds like a legitimate name for an application, yet another indication of the social engineering element part of the campaign, next to the actual brand-jacking of a legitimate game's name.
The malicious application is currently detected as Andr/Stiniter-A.
With independent third-party reports indicating a massive growth in the distribution and production of mobile malware targeting the Android OS, the process of brand-jacking a legitimate game's brand, is among the many other tactics and techniques available at the disposal of the malicious attacker, looking for new and flexible ways to spread his malicious application.