The range of infected symptom is getting wider including sending SMS, the new symptom of recent malicious application. Upon infected this malicious application, users can be caused unexpected payment or can be used certain advertisement.
Following figure is a result of the type of collected malicious applications for the last week.
[58% : Related SMS, 37% : Rooting, ETC : 5%]
2. Spreading path and symptoms of infection
This malicious application can be spread via various black markets and 3rd party markets.
Recently spread SMS related application is not as a repackaged technique but as an application itself.
Following figure is the installation screen of one of SMS related malicious applications aiming at Russian user.
It has various variants and can ask permission as following.
After being installed, following icon will be created and you can see following run screen.
* Run screen
This malicious application will send SMS on clicking button in main screen based on following code, designating receiving number will be made by Dialog parsing technique.
Sending SMS will be performed secretly through thread technique.
3. How to prevent
To use smartphone safely from security threats of these malicious applications, we recommend following tips "Smartphone security management tips" for general users.
INCA Internet (Security Response Center / Emergency Response Team) provides diagnosis/treatment function with nProtect Mobile for Android for mobile such as malicious file stated above and runs responding system against various security threats.