Symantec has discovered a Trojan called "Android.RuFraud" and has added the Trojan to its Web-based Risks and Threats list. Here are some facts about what it is, how it infects Android devices, what it does once installed and other facts.
* ThreatExpert reported on Dec. 5 that it received a sampling of an Android.RuFraud variant known as Android.Premiumtext.
* Android.RuFraud is classified as a low-risk infection because to date it has infected only about 50 devices, according to Symantec.
* According to ArsTechnica, Google removed more than 20 applications that contained the Android.RuFraud SMS Trojan on Dec. 12.
* The Android.RuFraud Trojan masquerades as free versions of popular paid-for games such as Angry Birds and others, according to ArsTechnica.
* When the "game" is installed, it requires the user to grant it certain permissions just as any other installed smartphone application and game does, allowing the game to use specific phone functions.
* The Android.RuFraud Trojan permissions required include allowing it to create, edit, delete and otherwise modify SMS messages, and open network connections, according to Symantec.
* The forbidden uses of the Android Marketplace are included in the Android Market Developer Program Policies, but these Policies do not forbid developers from asking for SMS creation, editing or sending permissions.
* This loophole has led to SMS Trojan-laden applications and games being developed for and then added to the Android Market legally.
* Upon installation, Android.RuFraud requires permission to modify the smartphone's internal and external storage as well, meaning it can add, edit and delete MicroSD card files at will.
* This specific permission to modify storage could also extend to include a computer's hard drive if the user were to connect using a USB cable for synchronizing or other offloading needs, although it is not likely.
* Android.RuFraud reads and hides SMS messages from various country-specific numbers, according to Symantec.
* According Symantec, when installed, the "game" displays the question, "Where is My Water?" a message stating, "To continue, click below" and two buttons labeled, "Next" and "Rules."
* If the user clicks "Next," the smartphone sends an SMS message to one of the target countries with the destination based on the country in which the smartphone SIM is registered, creating a premium rate charge.
* The Trojan hides incoming messages from the same numbers so it can continue to operate undetected.
* Uninstall the application manually to prevent future SMS message sending by opening the main Android menu and finding the application in the "Manage" section of the "Applications" menu, located in "Settings." Hit the "Uninstall" option. Additionally, using any of the mobile security suites that can detect Android.RuFraud or Android.Premiumtext, users can remove Trojan remnants.
Jessica (JC) Torpey is a self-taught computer technician with more than 10 years experience in the field. JC's passion is studying the various political and business aspects of the technology industry. Combining that knowledge with her love of computers, JC uses it to influence her writing.
occupy san francisco occupy san francisco top chef just desserts jamarcus russell sister wives st louis weather jack the cat
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.