First SMS-sending Android Trojan reported

Elinor Mills CNET News | August 11, 2010 7:16 AM PDT

Summary

Security experts warned about a Trojan targeting Android-based mobile devices that racks up charges by sending text messages to premium-rate numbers.

Topics

Trojan Horse, SMS, Spyware, Viruses And Worms, Security, Adware & Malware

Vendor HotSpot

Here to help you with your Document Management Needs

Read the DocuMentor blog now

Learn More »

Security experts warned on Tuesday about what is believed to be the first Trojan targeting Android-based mobile devices that racks up charges by sending text messages to premium-rate numbers.

The Trojan-SMS malware, dubbed "Trojan-SMS.AndroidOS.FakePlayer.a," is being distributed via an unknown malicious Web site, said Denis Maslennikov, senior malware researcher at Kaspersky Lab.

Users are prompted to install a "media player application" that is a little bigger than 13 kilobytes, but which is hiding the Trojan inside, according to Kaspersky and mobile-phone security company Lookout, which analyzed the threat. Once installed, the Trojan starts sending SMS messages behind the scenes that cost several dollars per message, without the device owner knowing it.

For more on this story, read First SMS-sending Android Trojan reported on CNET News.

Talkback Most Recent of 15 Talkback(s)

Follow via:: RSS; Email Alert

I love how sensationalistic this story is...

Just like the last Android security threat story I read by this author, it neglects to highlight facts that make it less of a story. It barely mentions that this exploit requires the Android user to install software from a malicious website rather than the Android Market that all other software is typically installed through. It doesn't even mention that the built-in Android installation mechanism warns the user that this software wants access to sending SMS messages.

To be infected by this, the user has to overlook a lot of common sense. It doesn't matter what OS your phone, computer, etc uses - if you don't use some common sense, no OS is impervious to all threats.
NetAdmin1178
11th Aug 2010
- Reply to
- Flag
One more thing....

@NetAdmin1178 Since the app is not from the Android market, in order to install it the user has to first go to Menu=>settings=>applications and check the box to accept applications from "Unknown Sources". When he checks the box he is going to get a warning that says:

Attention "Your phone and personal data are more vulnerable to attack by applications from unknown sources. You agree that you are solely responsible for any damage to your phone or los of data that may result from using these applications" (at least that's how it works on my Droid). In this message, the user then has to tap OK before the box is actually checked. Then they would have to go back to the SMS message and also ignore all the warnings you mentioned that they would find there.

No OS can protect a user who is willing to go to those lengths to do something stupid.
cornpie
11th Aug 2010
- Reply to
- Flag
RE: First SMS-sending Android Trojan reported

@cornpie using that as your criteria, Windows 9x was secure, so long as people exercised common sense. Needless to say that's not what the *nix or Apple users said at the time.
notsofast
12th Aug 2010
- Flag
RE: First SMS-sending Android Trojan reported

@NetAdmin1178 Not only that, the story I read on it yesterday said it has only appeared in Russia so far.
babyboomer57
11th Aug 2010
- Reply to
- Flag
RE: First SMS-sending Android Trojan reported

@NetAdmin1178 I didn't see anything sensationalistic about the story at all. It's written in a very "FYI" manner. Get defensive much?
I12BPhil
11th Aug 2010
- Reply to
- Flag
Get real.

@NetAdmin1178
First off, many infections these days rely on poor user judgment to get a foothold on the device its trying to infect. Its not so bizarre or unusual that this particular point needs to be dwelt on like some kind of an unlikely rarity. The fact is many many people who use phones are quite young and have no idea that a modern smartphone can be subject to the same kind of malicious installations that a full blown computer can and as such there are bound to be plenty of opportunities for this kind of thing to work.

Secondly, the whole article was short. It wasn't a 2 page story with a single line devoted to how the software gets on the phone, it was a short and to the point piece.

Thirdly, any time a story comes up like this about a Windows driven product we have the lowly masses of Windows haters gather to shout about "more proof of Microsoft's incompetence and evil!!" Its about time the anti-Microsoft crowd swallowed a little pride and accepted that other OS's have insecurities or at least let up a touch on the Windows bashing for every minor issue that surfaces. In the world of high tech communications and data processing its a fact of life we all have to live with.
Cayble
11th Aug 2010
- Reply to
- Flag
Thank you

@NetAdmin1178 I, for one, appreciate your explanation. I've only had my Droid for a few months, and I clutched when I saw this headline. But your post assured me that I would have to take some overt action to acquire this type of Trojan. I think the article was misleading not to say this; from the way it was written, it appeared to me that someone could just send me the virus in a text message. Thank you for your clarification.

Thank you as well, cornpie.
sruasonid
11th Aug 2010
- Reply to
- Flag
RE: First SMS-sending Android Trojan reported

@NetAdmin1178 - good points but I see this piece, and many others like it, as information which I, for one, like to know about. Kaspersky makes the best PC security software on the market today and it's because of their staff.

On a side note and because your reply seems to be on the defensive side (sorry, that's how I took it) - I don't know if you are an Android fanboy (so I'm not judging you or being presumptuous) but I sure see a lot of defensiveness out there by Android users. I dumped my iPhone recently because it failed me at the one thing I needed it to do more than anything else - be a phone and not drop my calls. I love my new Samsung Captivate, even with the few quirks, etc. I don't see a need to defend it over the iPhone at all. It's a better device in every aspect other than it's more involved to figure out how to use it. But that's OK, cause God blessed me with at least average intelligence so I made it through the curve. iPhone are great devices and wonderfully simple to use but my 3GS, in less than ideal coverage areas, would consistently drop calls. And the iPhone 4 is a miserable failure with it's proximity sensor and antenna issues - what a joke.
jaboumrad
11th Aug 2010
- Reply to
- Flag
There are a lot of such user ...

... that override any warning in order to get that hot app.
rfbati
11th Aug 2010
- Reply to
- Flag
An Operating System Can't Help These Users

@rfbati
An operating system can't help users who will ignore any warning to install an app without knowing what they are doing. Users like that can only be helped by having limited rights and a system administrator. In a way perhaps that is what Apple is trying to accomplish with the Appstore for iPhone and iPad, to be everyone's system administrator and keep them safe from everything. Thanks, but no thanks. I don't want to be a limited rights user on my personal devices. I want to be my own system administrator.
CFWhitman
11th Aug 2010
- Reply to
- Flag
Be fare here guys...

The article is not saying that it is easy to get infected. Its not saying that you need to override standard warnings and practices. It is simply saying "Well, Android viruses have arrived and here is one" nothing more. It then says "for more information, go here" and that site does provide more info. Why are you guys always so hard on every article? If you think you can do better, start your own ZDNet type site and do it! Stop complaining so much about the problems you have with articles here.
ExploreMN
11th Aug 2010
- Reply to
- Flag
RE: First SMS-sending Android Trojan reported

@ExploreMN

Yeah, I don't think this is sensationalistic at all. It's a few short paragraphs. I am actually glad for this short tidbit of info especially as a user of an Android phone (rooted, overclocked, basically a power-user but not a dev).

Knowledge is power; power to defend and defeat.
midenginedrift
11th Aug 2010
- Reply to
- Flag
RE: First SMS-sending Android Trojan reported

I personally find all ZDNET reports very informative and I thank ZDNET and its staff for providing me with my daily dose of tech knowledge (for free I might add.)

I can't understand why so many of you waste your time on this site though, since you are clearly way more informed than the average ZDNET reader!
d0nl
12th Aug 2010
- Reply to
- Flag
Not all the Info - Therefore Misleading

The article should have also indicated how the trojan is spread. Instead, it takes readers to research and add this critical piece of the puzzle.

Yes, I'm interested to know that it has started for Android. I'd also like to know that exercise of a modicum of intelligence will avoid the problem!

I was just saying to a user this morning that it hasn't happened yet, but it will at some time, particularly as Android becomes a bigger target.

I'm not all that sure that it fully qualifies as an infection if it tells you that it is going to send SMS if you install it and then; surprise, it does! Granted it's behaviour demonstrates malicious intent.
david.hunt@...
16th Aug 2010
- Reply to
- Flag
hahahaha!

This is exactly why you want to stick with Microsoft Windows, so you don't get pwned the second you turn on your vulnerable linux crapware. I bet this exploits the telnet hole wide open to the intartubes android hasn't bothered to fix in the 14 years they knew about this exploit.
pgit
9th Sep 2010
- Reply to
- Flag