[Caution] SMS related malicious applications are being spread.

1. Introduction

With a continuous growth of mobile security threats, SMS related Android's malicious applications are rapidly considerable these days.
The range of infected symptom is getting wider including sending SMS, the new symptom of recent malicious application. Upon infected this malicious application, users can be caused unexpected payment or can be used certain advertisement.

Following figure is a result of the type of collected malicious applications for the last week.

[58% : Related SMS, 37% : Rooting, ETC : 5%]
2. Spreading path and symptoms of infection

This malicious application can be spread via various black markets and 3rd party markets.

Recently spread SMS related application is not as a repackaged technique but as an application itself.

Following figure is the installation screen of one of SMS related malicious applications aiming at Russian user.
It has various variants and can ask permission as following.

* Permission explanation
- android:name="android.permission.ACCESS_NETWORK_STATE"
- android:name="android.permission.ACCESS_WIFI_STATE"
- android:name="android.permission.CAMERA"
- android:name="android.permission.CHANGE_CONFIGURATION"
- android:name="android.permission.EXPAND_STATUS_BAR"
- android:name="android.permission.CONTROL_LOCATION_UPDATES"
- android:name="android.permission.GET_ACCOUNTS"
- android:name="android.permission.BATTERY_STATS"
- android:name="android.permission.INTERNET"
- android:name="android.permission.INSTALL_PACKAGES"
- android:name="android.permission.SEND_SMS"
- android:name="android.permission.READ_CALENDAR"
- android:name="android.permission.READ_CONTACTS"
- android:name="android.permission.READ_FRAME_BUFFER"
- android:name="com.android.browser.permission.READ_HISTORY_BOOKMARKS"
- android:name="android.permission.READ_LOGS"
- android:name="android.permission.STATUS_BAR"
- android:name="android.permission.SYSTEM_ALERT_WINDOW"
- android:name="android.permission.VIBRATE"
- android:name="android.permission.WRITE_CONTACTS"
- android:name="android.permission.WRITE_CALENDAR"

After being installed, following icon will be created and you can see following run screen.

* Icon

* Run screen

This malicious application will send SMS on clicking button in main screen based on following code, designating receiving number will be made by Dialog parsing technique.

Sending SMS will be performed secretly through thread technique.

3. How to prevent

To use smartphone safely from security threats of these malicious applications, we recommend following tips "Smartphone security management tips" for general users.

Smartphone security management tips

1. Use anti-virus SW from believable security company and keep updating the latest engine and using real time detecting function
2. Download the proven application by multiple users at all times.
3. Use mobile anti-virus SW to check downloaded application before using it.
4. Do not visit suspicious or unknown site via smartphone.
5. Try not to see MMS, text, e-mail from uncertain user.
6. Set strong password on smartphone always.
7. Turn the wireless interfaces like Bluetooth only be used.
8. Do not save important information on phone.
9. Do not try illegal customizing like rooting or jailbreak.

INCA Internet (Security Response Center / Emergency Response Team) provides diagnosis/treatment function with nProtect Mobile for Android for mobile such as malicious file stated above and runs responding system against various security threats.


  1. I was smiling yesterday,I am smiling today and I will smile tomorrow.Simply because life is too short to cry for anything.Love Sms Love Text

  2. Could someone bypass the security measures listed above and still use sms tracking software on my device? Click here to get my idea

  3. This texting spy app allows you to read someone's sms remotely.

  4. This is very great and brilliant information.
    Qooapp for Android


  5. Excellent Blog! I would like to thank for the efforts you have made in writing this post. I am hoping the same best work from you in the future as well.
    I wanted to thank you for this websites! Thanks for sharing. Great websites!
    pubg mobile apk
    pubg lite
    pubg apk
    pubg mobile lite

  6. We covered the usual… where are you from, talk about family, comment on the weather and then he asked what brought me up Berlin at this time of year. I explained that I am writing a book and doing research while escaping horrendous allergy issues in Austin. Then he asked the fateful question… What is your book about?

  7. These is the best app SHAREit to transfer the data form one mobile to other mobile with fast transfer of all files and data and it available for the PCs and MAC and also for the iOS mobiles.