Thursday, December 20, 2012

SpamSoldier Android Trojan Spreading via SMS Spam

Android MalwareAndroid users that go against their better judgment & download apps advertised in unsolicited text messages run the risk of infecting their smartphone with mobile malware packing botnet capabilities.

The SpamSoldier Trojan is spread through SMS spam offering users to download a free version of popular paid apps such as The Need for Speed Most Wanted, Grand Theft Auto 3 and Max Payne HD.

Given that the apps are downloading outside of the Google Play store, victims are instructed to first change their security settings to allow apps from “Unknown Sources” be installed on their phone. At that point the target can download the game Trojan and accept the permissions to complete the installation process.

Upon a successful infection, SpamSoldier will connect to it’s command & control server (C&C) to retrieve a list of 50-100 phone numbers along with the SMS message to spam them with. SpamSolider will keep in contact with it's C&C to send progress reports and retrieve a new list once the previous one has been exhausted. (Hopefully the victim has unlimited text messaging on their plan, otherwise they could be looking at an expensive phone bill!)

In addition to pumping out SMS spam offering malicious downloads, SpamSoldier also attempts to trick unsuspecting folks into handing over personal information by offering free gift cards. Here are a few of the SMS spam messages that SpamSoldier has been known to send:

  • Tired of SMS Spam? Download our free SMS Blocker today to finally rid yourself of unwanted messages! Download now at http://[redacted].com

  • Download Grand Theft Auto 3 & Need for Speed Most Wanted for Android phones for free at http://[redacted].mobi for next 24hrs only!

  • You have just won a $1000 Target Gift Card but only the 1st 777 people that enter code 777 at http://[redacted].com can claim it!

The domains associated with SpamSoldier are prone to change, but they are typically .mobi top-level domains.

What to Do If You Receive SMS Spam

If you do happen to receive text message spam, Cloudmark suggests that you

  • Do not reply to the text message.

  • Forward the text message to 7726 (S-P-A-M on your keypad).

Don’t bother replying with ‘STOP’ as that will only work if it’s coming from a legitimate commercial contact.

Tips to Keep Your Android Smartphone Safe

Keeping your Android smartphone isn’t terribly difficult; after all, user-interaction is required for SpamSoldier to take hold of your device. That being said, all you really have to do to keep your Android phone safe from this threat is to:

  • Avoid clicking on links or downloading apps advertised in unsolicited text messages.

  • Stick to official or reputable app stores such as Google Play or Amazon’s App Store for Android to download and install apps.

[via Cloudmark]

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet,  “Like” us on Facebook or add us to your circle on Google+

No comments:

Post a Comment