The growing popularity of Android, and the tendency of the user for storing an important data on their mobile phones,are attracting the Hackers.They are targeting users of Google’s Android mobile operating system with a malicious application that harvests personal information, controlling the system and sending it to the remote server.
We have received one such malware, targeting the Chinese android users, which uses SMS-based subscription system to sign-up the users for certain services without the user’s knowledge and consent, causing the user the financial loss.
In china the SMS based subscription, involves three stages.
1: A user sends a service-subscribing SMS message to a service provider.
2: The service provider replies a service-confirming SMS message that contains the detailed information of the service back to user.
3: The user needs to confirm the subscription by replying back again another SMS message with certain content such as “Y.” Otherwise, the user does not mean to sign up for the service.
This malware confirms subscription to SMS premium services without user acknowledgment or confirmation.
After installation its Icon look like this.
.
While Installation its ask the user for below permissions
The malware sends confirmation by the name of the user with the text ‘Y’ to complete the process.
The malware sending the SMS with the confirmation to the Service provider.
Quick Heal Mobile Security detects this malware as Android.RogueSPPush.A
Leave a reply
