New mobile malware silently transfers account credit

Summary: Kaspersky Lab today warned users of five newly found variants of the Trojan-SMS.Python.

Kaspersky Lab today warned users of five newly found variants of the Trojan-SMS.Python.Flocker mobile malware, which target an Indonesian mobile provider's service that allows users to transfer money or minutes to each other's accounts. SMS Python Flocker is a known mobile malware family whose previous versions automatically sent SMS messages from the infected mobile device to premium-rate numbers operated by the malware authors.

Once a device is infected with the latest variant, the malware transfers credit from it by silently SMS-ing the provider's credit transfer service with the desired amount of credit.

Such mobile credit transfer services are used internationally. In the long term, however, mobile malware authors will keep looking for ways to steal hard cash rather than settle for simple cash/account credit transfers. Since the first releases of RedBrowser in 2006, which silently sent SMS messages to premium-rate numbers, mobile malware authors have been looking for ways to monetize infected devices. What has changed since then is the growth of mobile payments (m-payments) and mobile wallets, whose popularity proportionally gives potential mobile malware authors all the purchasing power an infected device has.

For the time being, one of the main reasons we still haven't witnessed an epidemic of mobile malware is, sadly, that cybercriminals are making enough profit even without exploiting the fact that there are more people with mobile devices than people with personal computers around the world.

Topic: Security


Talkback

20 comments
  • So, does this apply to USA?

    Or does this appear only in their own country?

    This website should be called "ZDNet Global" or "ZDNet International" instead of "ZDNet" and that it'd be nice if US has "ZDNet US."
    Grayson Peddie
    • Coming soon to a cell phone near you!

      Linux User 147560
    • Why be so insular?

      If the name is just ZDNet, would that mean that it is only for the USA? Isn't one of the main points of the Internet to be global???

      And, wouldn't it help the USA if you in the USA get to know that such types of virus are being done in other countries - and prepare accordingly?

      If the USA goes into "insular" mode like the poster, it will be its doom (same happened to China in another era).
      Roque Mocan
      • Because we can....

        It's ok here in this country to ask a question without being berated...he doesn't necessarily speak for us all.
        pmcm
        • No, He Can Be Berated For Provincial Ignorance in ANY Land

          He just can't be legally prosecuted for it in the United States under the First Amendment.

          Freedom of Speech does not mean untrammeled license to be a deliberately ignorant fool without anybody else calling you on it - it just means there's no law against being said fool. As Devo eloquently put it, "Freedom OF Choice/Is what you got/Freedom FROM Choice/Is what you want."
          drprodny
    • Ya and maybe Google should be renamed Google Internation

      You might come across those scary.. are you ready for this?.. websites from other countries, on it!


      Moron.
      AzuMao
    • to the first poster

      If you are after stuff for yanks only then I think you should only surf your country's govt sites, and when you get bored of that then stop being racist and join the rest of us, there is life outside of yankland
      vaughanm
    • Doesn't Matter

      Despite your poorly chosen words, I will take the time to address your primary concern:

      As IT Infrastructure in general is universal rather than country specific, even if these particular attacks are not hitting US carriers currently, eventually they will.
      medezark@...
  • This is why my next phone will be a Pre

    Best insurance against a malware exploit: don't live in a high-crime neighborhood. Symbian and WinMobile both say "rape me". Linux-based, JavaScripted Pre OS is both inconspicuous and based on robust Linux security at the core.
    geedavey@...
    • Care to elaborate?

      I've been using Symbian for over half a decade, in that time I've installed tens of thousands of apps and games from various sources, and I've never been infected by malware, and I've even gone looking for it. Since OS 9.x security is even tighter. Kaspersky amongst other companies have antivirus and firewall solutions available for Symbian, but the truth of the matter is they are largely pointless due to lack of any real threats.

      Also Google's Android is based on Linux, and even Google have admitted that it's wide open to malware due to the open source nature of the OS, so I don't think your Linux solution is realistic.
      Skullet
  • That's why I have texting disabled at the provider.

    I don't text anyway and getting text message SPAM costs if you don't have an unlimited plan so the only people that can send me text is AT&T.

    The thought of using a phone for epayments is just nuts.
    dunn@...
    • I have to agree w/Dunn here

      I never send texts, and I'm so unused to receiving them that I've had texting friends call me up asking why I didn't respond, to which I usually go "What? That was a text message?"

      The only time I use text messages is to have my mobile provider send me phone numbers I've asked for via Directory Assistance - and the other day when I checked for one, I had three spam messages...and a phish, allegedly from my bank! (Yes, I deleted all w/out responding, then called my bank at the number on the back of my bank card to make sure the text wasn't possibly legit - it wasn't.)
      drprodny
  • RE: New mobile malware silently transfers account credit

    How does the malware get into the cellphone in the first place? My old phone only has text and a telephone service on it. Am I safe?
    cpritch007@...
    • Siemens C25

      Yes - I too wonder how that malware gets in there. My trusty old Siemens C25 does what I want - phone and text, yet doesn't support any features (because they weren't there then) that would enable malware to be usable. Sure, it is on its second battery, but that was a lot cheaper than a new phone.

      The phone is also very robust. (No, it is not one of those "bricks" of yesteryear...)

      Perhaps there is a market for "simple" mobile phones. But that would be like advocating a return to DOS, heh?
      Mahegan
      • DOS?

        I started with CP/M, and then upgraded to DOS. There are still some of the old DOS tricks that work in a GUI world.
        It took a while, but I do like GUIs now.
        Murfski-19971052791951115876031193613182
    • Through that big antenna sticking out of it.

      AzuMao
  • RE: New mobile malware silently transfers account credit

    BAM!
    dbisse@...
  • Big Brother calling...

    Hello, This is Big Brother. We notice you may have accidentally left your cell phone in your car by mistake. Please remember, if you should happen to have an emergency while in the shopping center, it is easier for you to reach into your pocket and dial 911 than to trust another human in public to call for help for you. Also, we cannot provide you with the automatic GPS emergency tracking and response services that have been available to anyone who has had a cell phone activated since 2004. We are here to serve you, we are here to protect you, and remember, we know what's best for you. Please keep your tracking device, er, cell phone with you at all times. It makes our job, er, your life much easier.

    Thank you.

    Big Brother

    "Skynet: Watching out for You!"
    zach.winchester
  • RE: New mobile malware silently transfers account credit

    lol, Skynet...
    sinephase
  • RE: New mobile malware silently transfers account credit

    Great!!! thanks for sharing this information to us!
    birumut