A new malware for Android phones has been discovered, and users without unlimited texting plans may suffer the worst of it. The virus, developed and circulated by a server in Hong Kong, causes an infected Android handset to send virulent messages to thousands of live phone numbers daily and Android users have been advised to stay on alert until a suitable antivirus has been developed to combat this threat.
The virulent spam campaign was discovered by messaging security firm, Cloudmark Research, and noted that the virus spread through text messages offering free versions of Need For Speed Most Wanted, Angry Birds Star Wars, Grand Theft Auto and other popular games. Cloudmark noted that users, if deceived into installing the free application, unwittingly allow their handsets to connect to the Hong Kong server which sends back a set of 50 phone numbers, copies of the virulent text message, and instructions that force the handset to send the messages to each of the 50 numbers.
An Android handset can, on average, send 50 text messages in just a little over a minute. Once the first batch of virulent spam messages have been sent, the Hong Kong server sends over a fresh batch of phone numbers and the procedure repeats, resulting in the handset delivering thousands of virulent messages on a daily basis. This can be particularly taxing on the user’s phone bill but, to add to the user’s woes, the malware is also designed to block contact from any numbers not on the user’s contact list, preventing phone companies from getting in touch with the user.
The virus currently affects only Android devices, and is not known to be affect iOS, Windows Phone and Blackberry devices. Dan Hoffman, mobile security researcher at networking technology firm Juniper Networks, has stated that they have identified and tracked nearly three and a half times more Android-targeting malware in the last year through the end of October. Hoffman also notes that the attacks are becoming more malicious, more frequent and more complex. Andrew Conway, researcher at Cloudmark, advises caution to all Android users and recommends that they completely avoid downloading apps from any source that isn’t Google Play, which he asserts is 99.99% trustworthy, owing to its increased vigilance of hackers and its near-immediate response to remedying security breaches.
