Share

Related Links

Top 5 Stories

News

New Android trojan infects 100,000 in China

09 July 2012

A new Android trojan that provides a variation on covert premium calls has been located in China: it secretly buys apps via China Mobile’s Android Market. The cost is automatically added to the user’s phone bill.

Security firm TrustGo Mobile discovered the malware last week, and called it Trojan!MMarketPay.A@Android. It has been found in 9 China app markets and has already infected more than 100,000 Android devices. TrustGo warns that it may be delivered as a repackaged app, such as cn.itkt.travelskygo or com.funinhand.weibo.

Its purpose is to log on to the China Mobile Android Market and download paid-for apps and video. China Mobile is one of the world’s largest mobile providers with 677 million customers. It operates an app store (Mobile Market) for its customers where prices are automatically added to the users’ phone bills.

The Mobile Market allows users to log in and download free or paid-for apps, or view multimedia content. If an app is paid for, China Mobile sends a verification code to the user. MMarketPay operates by covertly instigating and hijacking the log-in process, and intercepting the verification code.

For now, TrustGo concludes that “this sophisticated new malware could cause unexpected high phone bills.” However, given the large number of apps that are installed and their relatively low cost, it is perfectly possible that many users will notice neither the app nor the addition to the phone bill – and will remain unaware that they have been infected. The same methodology could also be used to download and install ‘free’ spyware or spyware-infected apps that might have been planted in the Market.

TrustGo notes that the majority of mobile malware is found in applications that originate from and attack third-party markets in China and Russia. It “recommends customers only download apps from trusted app stores and download a mobile security app which can scan malware in real-time.”

This article is featured in:
Malware and Hardware Security  •  Wireless and Mobile Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×