Symantec has recently observed an uptick in malware targeting the Android mobile computing platform.
The most recent example being the new Android, which like other Android Trojans is spreading via altered versions of legitimate apps hosted on unregulated third-party Android marketplaces.
Android.Pjapps masquerades as a popular ‘Steamy Window’ app. The legitimate features of the original app are still present in the malicious version, but it also features additional functionality that allows an attacker to build a botnet. Among other things, it is able to install applications, navigate to websites, add bookmarks to the user’s browser, send text messages and block text message responses. It also sends sensitive user information back to the attacker.
Looking at the threat capabilities, Symantec believes it has been designed and may be used to peddle ad campaigns and to obtain benefits from the use of third-party premium rate services at users’ expense.
To avoid becoming a victim of such Trojanised Android applications, Symantec recommends users:
* Only use regulated Android marketplaces for downloading and installing Android apps.
* Adjust Android OS application settings to stop the installation of non-market apps
* Review other users’ comments on the marketplace to assist in determining if an app is safe.
* During the installation of Android apps, always check the access permissions being requested for installation; if they seem excessive for what the application is designed to do, it would be wise to not install the application.
* Utilise a mobile security solution on devices to ensure any downloaded apps are not malicious.
* Enterprises should consider implementing a mobile management solution to ensure all devices that connect to their networks are policy compliant and free of malware.
More information at: http://www.symantec.com/connect/blogs/android-threats-getting-steamy.
© Technews Publishing (Pty) Ltd. | All Rights Reserved.
printer friendly version