Home
Mobiles
Mobiles News
Android Phones Being Affected by New Password, SMS Stealing Trojan: CERT In

Android Phones Being Affected by New Password, SMS Stealing Trojan: CERT-In

By Press Trust of India | Updated: 9 December 2014 18:31 IST

Cyber-security sleuths have alerted Android-based smartphone users against an infectious Trojan which steals vital information from the personal device and can even illegally send SMSes to those on the mobile contact list.

The Trojan has been identified as 'AndroidSmssend' and it can acquire as many as four aliases to hoodwink the user and perpetrate its destructive activities on a personal Android enabled phone.

"Android/SmsSend is a premium service abuser family malware that arrives bundled with legitimate Android applications and infects Android-based smartphones.

"Once infected, it sends text messages (typically with a link to itself or a different threat) to a specific number, typically to numbers on the contact list and is also capable to send SMS to premium rate numbers," the Computer Emergency Response Team of India (CERT-In) said in its latest advisory to Android phone users in the country.

(Also see: Android devices targeted by 99 percent of all mobile malware in 2013: Cisco)

The CERT-In is the nodal agency to combat hacking, phishing and to fortify security-related defences of the Indian Internet domain.

It said that after a typical successful infection, basic information about the smartphone like IMEI number, device ID, device type among others are compromised and it can even install spyware on the targeted device.

The Trojan is so notorious, the agency said, that it "steals contacts and pictures, tracks the location, steals passwords, illegally accesses text messages, crashes a complete system, steals personal banking information when logged in, installs other sort of spyware and disables firewall and anti-virus program to defend itself."

The CERT-In said the malware is created by modifying the legitimate application and then re-distributing via marketplace or other separate channels.

The agency has suggested some counter-measures in this regard.

"Do not download and install applications from untrusted sources, install applications downloaded from reputed application market only, run a full system scan on device with mobile security solution or mobile anti-virus solution, check for the permissions required by an application before installing, exercise caution while visiting trusted/untrusted sites for clicking links, install Android updates and patches and use device encryption or encrypting external SD card feature available with most of the android OS (operating system)," it said.

Also, avoid using unsecured, unknown Wi-Fi networks and make a practice of taking regular backup of the Android device, the advisory said.

Comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.