Watch out for Russian Android worms

happygeek 4 Tallied Votes 391 Views Share

As a platform, Android is naturally very attractive to the criminal fraternity in terms of potential profitability. After all, it has the market share and that nearly always means it has large numbers of users for whom the word security may as well be written in the Cyrillic alphabet. My analogy assumes, of course, that those are users not familiar with this particular script and I used it for good reason: new worms coming out of Russia are posing a threat to Android users.

Denis Maslennikov, a security analyst with AdaptiveMobile, has discovered a previously unknown worm called Selfmite. This comes hot on the heels of another Android worm called Samsapo which uses the old monetization chestnut of premium rate SMS message sending.

The Selfmite loader spreads using SMS as a transport mechanism, and once the malicious app is installed the worm itself propagates by sending a text message to users in the address book of the phone that has been infected rather than by doing the premium rate thing as you might expect. So how does Selfmite realise a profit?

Well, the messages it sends encourage users to install a legitimate app by way of an advertising platform which pays the worm author a small commission for every app installation. According to Maslennikov the worm is out in the wild, and unlike Samsapo which was largely targeted at Russian users, it has already been seen to be active on North American operator networks.

"SMS worms for Android smartphones have previously been rare, but this and the recent Samsapo worm in Russia may indicate that cybercriminals are now starting to broaden their attacks on mobile phones to use different techniques that users may not be aware of" Maslennikov warns.

AdaptiveMobile has contacted Google and the malicious URL has been disabled, but that doesn't mean more will not surface or are not already out there of course.

Hiroshe 499 Posting Whiz in Training

At the very least, it's not due to any security flaws. It propigates through the usual social engineering tacticts.

Human ignorance is probably one of the more worrying things in computer security.

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

Absolutely. If you don't know who the weak link is in the IT security chain, it's probably you. Back in the day, twenty years or so ago, we used to get a lot of help with with our 'unathorised network exploration activity' courtesy of searching skips and bins outside businesses for documents containing login data and the like; not much has really changed, apart from not needing to get your hands dirty in the dumpster of course.

Hiroshe 499 Posting Whiz in Training

It also has to do with users, not just TI (ok, true, if someone in IT doesn't know what there doing, and there is a lack of audits, then that IS indeed MORE scary).

Even if you have a sales rep for example who isn't as familiar with technology, their the one's I'm generally scared about. They might get a simple email that "looks" like it's form the administrator asking to run something and BAM. Public-key crypto virus encrypts a bunch of valuable files, and asks the company for ransom. Even if the company pays, there isn't even a guerentee that the attackers bothered to keep the private key. That's just one example out of hundreds..

I thought that most companies would have meetings or something to make sure everyone understands where you can and where you shouldn't type your password as well as well as what you should and what you shouldn't run on your computer. NOPE. I've seen a couple of places in the Canadian government, as well as a few private companies where employees are not aware of it entirely.

You could have the best and most expensive software in the world, as well as a team of the best security professionals. But if your employees are ignorant, then that pretty much negates all of the efforts right there.

istteffy 0 Newbie Poster

I agree with the fact that we need to distribute security awareness to the population, also security policies and greater law enforcement would help to avoid some digital crimes. I have started an extense research on Crowd Sourced Data, Security and Android Devices and I learnt a lot on how people are unaware of the unecessary security privileges that applications are granted, and how most people just click on the next buttom to install apps and also how the Mobile Developments have helped and modernized security, etc.

expertmagician 0 Light Poster

Interesting....while Apple iPhone is not immune, I "emotionally" feel that the iPhone platform is more secure. Call me nieve, as I said, it is just a gut feel. I guess Apple marketing convinced me :-)

I am sure other people will disagree with me, which is fine because my feel is based in emotion and not fact :-)

Kelly Burby 44 Posting Pro

Interesting I would say this might be the reason why its always said again and again that iOS offers way more secured environment than Google's Android.

expertmagician 0 Light Poster

Personally, I am also nervous about jailbreaking my iPhone.
I plan on upgrading to an iPhone 6 ONLY if the come out with a 5.5" to 6" phone.

IF I upgrade, then I can jailbreak my old iPhone and run some cool apps which only work on a jailbroken phone. Since my old iPhone may be open to malware, I will not care since it will be a junk phone anyway :-)

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.