Monday, August 20, 2012

TrustGo: SMSZombie Attacks Android on China Mobile

TrustGo Security Labs calculates that an SMS Zombie virus has infected some 500,000 Android smartphones on China Mobile's network.

The malware, which has been detected in a variety of wallpaper apps, will request the user to install additional "Android System Service" files by which the virus payload is delivered. The SMSZombie then exploits a vulnerability in the mobile payment system used by China Mobile to generate unauthorized payments, steal bank card numbers and money transfer receipt information. The virus disables the user's ability to delete it and the amount and timing unauthorized charges can be changed at anytime by the malware makers.

TrustGo is developing an automated removal process that it hopes to releases later this month.

  • In July, TrustGo discovered a different virus targeting China Mobile’s Mobile Market. Named the Trojan!MMarketPay.A@Android, the virus automatically places orders and downloads paid apps and video content which can result in unexpectedly high phone bills. Infections were estimated at more than 100,000 devices.

See also