Android trojan sets on porn trap
Cyber criminals rely on search engine optimization
Kaspersky has discovered a new SMS Trojan for Android phones that pulls money out of users' pockets by sending messages to expensive premium rate numbers. The method of dissemination is interesting. The backers rely on Search Engine Optimization (SEO) to lure Android users into the porn trap. Russian websites present the victims with the Trojan as an alleged media player.
{jumi [plugins/content/jumi/newsgrafik.php]}
"This shows that cyber criminals are using more and more methods to spread malware on mobile devices," said Denis Maslennikow, Mobile Research Group Manager at Kaspersky Lab, in an interview with pressetext. The hackers copy strategies that have proven themselves for Windows computers. Cyber criminals are still targeting users in Eastern Europe, but that can change quickly.
Expensive fun
"The development of mobile malware mirrors the development in the desktop area," says the Kaspersky expert. By adopting tricks such as search engine optimization, however, it goes much faster. With contaminated websites high in the results lists, cybercriminals have so far lured Windows users into the trap, but this trend is now spreading to Android. The Russian porn sites in question only offer users of the Google operating system the program "pornplayer.apk" as an alleged player for installation.
If a user gets involved, it quickly becomes expensive. Because the Trojan sends SMS for six dollars in value-added numbers. This makes money easy in Russia in particular. "In Russia anyone can rent a premium rate number without any problems," explains Maslennikov. According to Kaspersky, this is a major reason why the attack has not yet spread to Western Europe. "If the cyber criminals manage to get numbers in other countries, that can change quickly," warns the malware expert.
Risk platform
The risk is great. Because only every 20th mobile phone user has a security solution installed on their device. In the case of Android in particular, the problem is exacerbated by a lack of offers. Only a few manufacturers like F-Secure already have an Android solution in their portfolio. Kaspersky plans to follow suit at the end of this year. "Many security manufacturers are currently completely neglecting mobile devices. All of them have a lot of catching up to do," emphasizes Peter Stelzhammer from the security expert AV-Comparatives http://www.av-comparatives.org opposite pressetext.
"With Android in particular, the problem is very big, also because more and more tablets with the operating system appear," said the expert. He refers to the many relevant announcements within the framework of the IFA. In addition, Android is booming as a smartphone platform. The mobile devices even offer potential new attack vectors. For example, Stelzhammer refers to scannable 2D barcodes, which could also lead to harmful websites. "With proximity marketing tools, for example, targeted Bluetototh attacks would also be possible at concerts," warns the expert.(ck)
.