Symantec has identified a botnet-building Android Trojan that hackers can use to send out text messages from a compromised smartphone.
The Trojan, which Symantec has named Android.Pjapps, piggybacks on versions of a legitimate phone app called Steamy Window that are available on unregulated mobile app marketplaces. Once a malicious version is downloaded to a phone, it sends the subscriber ID, line number and other personal information to hackers and communicates with the hacker's server to receive instructions.
"The aim of Android.Pjapps is to build a botnet controlled by a number of different Command and Control (C&C) servers," Symantec said in a blog post on Monday. "Among other things, it is able to install applications, navigate to websites, add bookmarks to your browser, send text messages, and optionally block text message responses."
Read more of "'Trojanised' Steamy Window targets Android phones" at ZDNet UK.