Slashdot Mirror

← Back to Stories (view on slashdot.org)

New SMS Trojan Found In Android Markets

Posted by Soulskill on from the popping-up-like-weeds dept.

Trailrunner7 writes "The Android platform seems to have become the playground of choice for attackers and malware authors looking to make a quick buck. The latest example is a premium-rate SMS Trojan that not only automatically sends costly SMS messages, but also prevents users' carriers from notifying them of the new charges. The new piece of malware, which is known as HippoSMS, has been found in unofficial Android app markets in China. This is just the latest in a series of similar incidents in which attackers and scammers have inserted either outright malicious apps or seemingly benign apps containing malware into app markets. Most of the attacks have targeted Android users, and several times Google has had to remove malicious apps from the official Android market."

7 of 114 comments (clear)

  1. Information, please! by Chonnawonga · · Score: 5, Informative

    Why don't these articles ever tell you WHICH markets and apps are affected? Oh, that's right, they're too busy trying to generate page hits through scare-mongering to care about information.

    (I'm not trying to say these aren't legitimate threats: quite the opposite. But, good reporting would help mitigate these threats by publicly shaming and informing.)

    1. Re:Information, please! by Chonnawonga · · Score: 4, Informative

      No, that's the name of the malware, not the apps. FTFA:

      "The malware is embedded in a seemingly legitimate application in the market, and once users download and install that app, the fun begins."

      It goes on to talk about "the host app" which the malware "piggybacks". Which app? They don't tell you. They'd rather tell you that "The Apple iPhone may still be the gold standard when it comes to smartphones".

  2. Price you pay.. by AngryDeuce · · Score: 4, Insightful

    If you want the freedom to install whatever you want from wherever you want, you have to accept that some of those things may not be good for you or your devices. To me, it's worth the trade off.

    In the end, the best protection will always be common sense. To those that do not feel they possess enough knowledge to make their own decisions in this regard, there is always Apple who will gladly make the decision for you. To each their own.

  3. Re:Well on the bright side by djdanlib · · Score: 4, Insightful

    WHAT? You mean freedom also provides the opportunity to freely injure one's self?!?! You don't say!

  4. This only affects chinese 3rd party markets... by Anonymous Coward · · Score: 5, Insightful

    Unofficial Markets. So in other words, Google has nothing to do with this. If you want security on Android, just stick to the standard market. Obviously Third party markets are bad news bears.

  5. Re:Well on the bright side by bberens · · Score: 4, Insightful

    Not that malware hasn't slipped into the Google store before, but the summary seems to indicate that this particular malware is circulating in 3rd party app stores. Something I would wager 99% of users don't even know exist.

    --
    Check out my lame java blog at www.javachopshop.com
  6. Provider failure by Anomalyst · · Score: 4, Insightful

    This a failure on the part of providers. I dont want a "notification" I dont want it at all. Part of signing up should be the ability to limit
    #SMS/day
    Block "premium" SMS messages with exception list.
    Block calls to foreign countries with an exception list
    Block toll (900) calls.
    IOW give me back control on how and how much they can shaft me.

    --
    There is no right to feel safe thru security vaudeville at the expense of everyone's freedom, privacy and tax money.