12345

9/14/2011

[Caution] SMS related malicious applications are being spread.

1. Introduction

With a continuous growth of mobile security threats, SMS related Android's malicious applications are rapidly considerable these days.
The range of infected symptom is getting wider including sending SMS, the new symptom of recent malicious application. Upon infected this malicious application, users can be caused unexpected payment or can be used certain advertisement.

Following figure is a result of the type of collected malicious applications for the last week.

[58% : Related SMS, 37% : Rooting, ETC : 5%]
  
2. Spreading path and symptoms of infection

This malicious application can be spread via various black markets and 3rd party markets.

Recently spread SMS related application is not as a repackaged technique but as an application itself.

Following figure is the installation screen of one of SMS related malicious applications aiming at Russian user.
It has various variants and can ask permission as following.


* Permission explanation
- android:name="android.permission.ACCESS_NETWORK_STATE"
- android:name="android.permission.ACCESS_WIFI_STATE"
- android:name="android.permission.CAMERA"
- android:name="android.permission.CHANGE_CONFIGURATION"
- android:name="android.permission.EXPAND_STATUS_BAR"
- android:name="android.permission.CONTROL_LOCATION_UPDATES"
- android:name="android.permission.GET_ACCOUNTS"
- android:name="android.permission.BATTERY_STATS"
- android:name="android.permission.INTERNET"
- android:name="android.permission.INSTALL_PACKAGES"
- android:name="android.permission.SEND_SMS"
- android:name="android.permission.READ_CALENDAR"
- android:name="android.permission.READ_CONTACTS"
- android:name="android.permission.READ_FRAME_BUFFER"
- android:name="com.android.browser.permission.READ_HISTORY_BOOKMARKS"
- android:name="android.permission.READ_LOGS"
- android:name="android.permission.STATUS_BAR"
- android:name="android.permission.SYSTEM_ALERT_WINDOW"
- android:name="android.permission.VIBRATE"
- android:name="android.permission.WRITE_CONTACTS"
- android:name="android.permission.WRITE_CALENDAR"

After being installed, following icon will be created and you can see following run screen.


  
* Icon


* Run screen




This malicious application will send SMS on clicking button in main screen based on following code, designating receiving number will be made by Dialog parsing technique.


Sending SMS will be performed secretly through thread technique.

3. How to prevent

To use smartphone safely from security threats of these malicious applications, we recommend following tips "Smartphone security management tips" for general users.

Smartphone security management tips

1. Use anti-virus SW from believable security company and keep updating the latest engine and using real time detecting function
2. Download the proven application by multiple users at all times.
3. Use mobile anti-virus SW to check downloaded application before using it.
4. Do not visit suspicious or unknown site via smartphone.
5. Try not to see MMS, text, e-mail from uncertain user.
6. Set strong password on smartphone always.
7. Turn the wireless interfaces like Bluetooth only be used.
8. Do not save important information on phone.
9. Do not try illegal customizing like rooting or jailbreak.

INCA Internet (Security Response Center / Emergency Response Team) provides diagnosis/treatment function with nProtect Mobile for Android for mobile such as malicious file stated above and runs responding system against various security threats.

10 comments:

  1. I was smiling yesterday,I am smiling today and I will smile tomorrow.Simply because life is too short to cry for anything.Love Sms Love Text

    ReplyDelete
    Replies
    1. I am glad that I saw this post. It is informative blog for us and we need this type of blog thanks for share this blog, Keep posting such instructional blogs and I am looking forward for your future posts.
      Cyber Security Projects for Final Year

      JavaScript Training in Chennai

      Project Centers in Chennai

      JavaScript Training in Chennai

      Delete
  2. Could someone bypass the security measures listed above and still use sms tracking software on my device? Click here to get my idea

    ReplyDelete
  3. This texting spy app allows you to read someone's sms remotely.

    ReplyDelete
  4. This is very great and brilliant information.
    Qooapp for Android

    ReplyDelete


  5. Excellent Blog! I would like to thank for the efforts you have made in writing this post. I am hoping the same best work from you in the future as well.
    I wanted to thank you for this websites! Thanks for sharing. Great websites!
    pubg mobile apk
    pubg lite
    pubg apk
    pubg mobile lite
    pubg

    ReplyDelete
  6. We covered the usual… where are you from, talk about family, comment on the weather and then he asked what brought me up Berlin at this time of year. I explained that I am writing a book and doing research while escaping horrendous allergy issues in Austin. Then he asked the fateful question… What is your book about?

    ReplyDelete
  7. These is the best app SHAREit to transfer the data form one mobile to other mobile with fast transfer of all files and data and it available for the PCs and MAC and also for the iOS mobiles.

    ReplyDelete
  8. I am impressed! Extremely useful information particularly the lastpart ?? I care for such information much. I was looking for this
    particular information for a very long time.
    Thank you and good luck.

    shareit for pc
    xender for pc
    shareit pc
    xender apk
    shareit apk
    xender web
    shareit for laptop
    xender for windows
    shareit downloading
    xender download
    xender for ios
    shareit for ios

    ReplyDelete