Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Tuesday, 28 March, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Mobile malware harvests SMS messages

by The Gurus
December 19, 2013
in Editor's News
Share on FacebookShare on Twitter

Mobile malware that sends premium SMS messages and calls from Android devices has been detected.

According to research released by ZScaler, the functions of MouaBad.P include making calls to premium numbers in order to generate revenue, harvesting SIM card information and checking for internet connectivity. It found that the premium rate numbers are all located in China.
“Forcing Android applications to initiate calls to premium phone numbers controlled by the attackers is a common revenue generation scheme that we see, particularly in Android applications distributed in third party Android app stores,” it said.
The malware apparently watches the screen and keyguard status; and functions seen by ZScaler suggest that it has the ability to make calls, end calls and cancel a missed call notification.
“The application installs itself silently. Once installed, no icon is observed for this app. Also shown in the previous screenshot is the fact that the application waits for the screen and keyguard events before triggering its malicious activity,” the report said.
“It does all of the activity without user intervention. This allows the malware to function without a suspicious icon on the home screen that just one of technique used by malware authors to evade its presence to the device owner.”
Also this week, FireEye detected the mobile botnet MisoSMS that has been used in at least 64 spyware campaigns. This botnet leverages webmail services for its command and control infrastructure. Once installed, this application sends stolen SMS messages to the attacker’s email address over an SMTP connection.
Mobile analyst Alan Goode told IT Security Guru that these campaigns have targeted users in China and Korea where ‘unofficial’ app stores are not as well protected against malware as ‘official’ stores.
“Currently if you reside in a regulated country like the UK, most of the EU countries and USA, the chances of being affected by mobile malware are very low. There are also more examples of users going to file-sharing networks to download pirated mobile apps – a lot of which will be Trojans,” he said.
“In our research for Ofcom from earlier this year, the consensus was that [mobile malware] was something that wasn’t currently prevalent, but needed constant monitoring in case things escalated. Android is getting better as a platform for security; the biggest issue is getting more users onto later versions (v 4.0 onwards) that have less vulnerabilities. There are still a lot of users that are on older versions that are known to be vulnerable.”
He also said that he was not aware if mobile botnets were typical, but he assumed that they existed mainly in countries such as those where ‘unofficial’ app stores are popular.
FacebookTweetLinkedIn
Tags: Malwaremobile
ShareTweetShare
Previous Post

I don't like the bugs, but the bugs pay me

Next Post

Yahoo Promises to Restore Vanished Messages of Users Affected by Mail Crash

Recent News

Synopsys discover new vulnerability in Pluck Content Management System

Synopsys discover new vulnerability in Pluck Content Management System

March 24, 2023
Dole Food Company

Dole confirms employee data was breached following February ransomware attack

March 24, 2023
call centre

MyCena Improves Customer Data Access Protection in Call Centers and BPOs

March 23, 2023
Blue logo, capitalised letters. SPECOPS.

Fortune 500 Company Names Found in Compromised Password Data

March 23, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information