Share

Related Stories

  • Stealer Trojan Becomes Mobile Malware Leader
    It’s no secret that mobile malware is growing exponentially, with Android bugs leading the way, but one stands out above the rest: The Trojan-SMS.AndroidOS.Stealer.a - better known as 'Stealer' - has become a leader in terms of the number of attempted infections on user devices monitored by Kaspersky Lab.
  • Apps on Google Play Can Secretly Subscribe Users to Premium SMS Services
    Traditional advice is to use the official app stores to avoid mobile malware – but a Spanish security firm has discovered four apps available via Google Play that scam their users into covertly subscribing to premium SMS services and stealing money through their phone bills.
  • Premium Fraud Alert: MouaBad Android Variant Makes Secret Calls
    A new Android malware family has emerged in recent months, dubbed Mouabad. It gives third parties control over user devices and enables malicious parties to defraud victims via premium-rate SMS billing.
  • SMS Spam Report Highlights Football Betting and Payday Loan Spam
    Payday loans and sports betting – the latter hitting new heights with the start of the football season – are behind the majority of messaging spam received in the UK.
  • Jekyll Malware Turns Benign Apple iOS Apps into Evildoers
    The Apple iPhone is notoriously overlooked by most malware authors – thanks in no small part to the company’s rigorous mandatory app review and code signing mechanisms for any program it allows into the App Store. But a group of Georgia Tech researchers have created the Jekyll gambit for creating iOS malware, which allows attackers to reliably hide malicious behavior that would otherwise get their app rejected by the Apple review process.

Top 5 Stories

News

Fake Porn App is First SMS Trojan to Land on US Soil

23 April 2014

SMS trojans are starting to appear in more and more countries, and for the first time, researchers have detected an active SMS trojan in the US.

Trojan-SMS.AndroidOS.FakeInst.ef actually targets users in 66 countries, but has finally landed on US shores. According to Kaspersky, FakeInst disguises itself as an application for watching porn videos, and is capable of sending messages to premium-rate numbers. Once installed on the phone, the trojan can intercept incoming messages and then perform various actions, including steal messages, delete them or even respond to them.

As well as sending unauthorized text messages that cost around $2 each, the trojan can send an SMS from an infected device with a preset text to a number specified in a command and intercept incoming messages.

“The geographical spread of SMS Trojans has significantly widened in recent times,” said Roman Unuchek, senior malware analyst at Kaspersky Lab, in an emailed comment. “Two years ago, it was unusual to see this sort of malware outside the CIS, but by the beginning of 2014, users in 66 countries had encountered the Trojan AndroidOS.FakeInst.ef, including in North and South America as well as Europe.”

FakeInst was detected by Kaspersky Lab back in February 2013, originating from the Russian uunderground. Since then, 14 various versions of it have emerged. The earlier versions were only capable of sending messages to premium-rate numbers in Russia. But by mid-2013 other countries appeared on the “support list.” most Trojan-SMS.AndroidOS.FakeInst.ef infections were in Russia and Canada.

Unuchek added, “It appears that the cybercriminals have built up sufficient resources to expand their illegal business on a global scale.”

This article is featured in:
Application Security  •  IT Forensics  •  Malware and Hardware Security  •  Wireless and Mobile Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×