Dangerous Android trojan spreads via SMS

Dangerous Android trojan spreads via SMS

    4048

    Early in November, specialists at Doctor Web(Website in English) discovered the new trojan malware attacking Android phones. This Android trojan is a dangerous bot giving a team attackers the ability to send SMS, delete the installed programs and user files, steal confidential information, and even to attack websites using the resources of the victim device; along with host of other undesirable actions. The new threat to Android users was included in an update of Dr.Web virus database for Android and has been dubbed Android.Wormle.1.origin. After installation, the Trojan creates a shortcut on the main screen of the operating system and operates on an infected device as a system service named com.driver.system.

    Dangerous Android trojan spreads via SMS

    After installation, Android.Wormle.1.origin establishes a connection to the command center and then waits for further instructions from intruders. It is noteworthy that the management of the bot can be performed directly by cybercriminals as a controlling server by using Google Cloud Messaging service protocols. This allows developers to maintain contact with their applications in the presence of an active Google account on the targeted device.

    Android.Wormle.1.origin implements functional SMS-worm spreading among the owners of Android-devices with the help of SMS-messages containing a link to download a copy of the malware. Messages are then sent to all phone numbers from your contact book so that in a short period of time, Android.Wormle.1.origin is able to infect a large number of mobile devices; significantly increasing the size of the botnets created by cybercriminals. The resulting statistics from company specialists at Doctor Web show that at the moment the malware has managed to infect more than 14,000 Android-smartphones and tablets that belong to users from more than 20 countries. The greatest number; 12,946 (or 91.49%) infected by the Trojan mobile devices is in Russia, then followed with a noticeable lag in infected devices from Ukraine (0.88%), the US (0.76%), Belarus (0.51%), Kazakhstan ( 0.25%), Uzbekistan (0.21%) and Tajikistan (0.15%).

    comments powered by Disqus