Second smartphone trojan hits Android handset platform

According to Kaspersky Labs, a second major piece of malware targetting the Android platform has appeared in the wild. Classed as a Trojan-SMS, the mobile malware is being distributed via Russian language sites used for adult related internet content.

The owners of these adult content sites are deliberately prompting Android users to download the new Trojan, whilst users of other platforms receive the desired content.

"As with its predecessor, the latest Trojan – Trojan-SMS.AndroidOS.FakePlayer.b – masquerades as a media player", says the IT security vendor, adding that a smartphone can only be infected if the user manually installs the application.

Users of smartphones running Android are asked to download the pornplayer.apk application from an infected webpage in order to view adult content videos.

Interestingly, Kaspersky says that the Google Android installation file is only 16.4 kilobytes in size and, during installation the Trojan seeks the user's consent to send SMS messages – a requirement that a media player is very unlikely to need.

The fraudulent result of the malware is that the users' Android handset starts sending text messages to premium rate numbers at around $6.00/£4.00, which, Kaspersky says, results in large sums being charged to the users' mobile phone bill.

Commenting on the revelations, Denis Maslennikov, Kaspersky Labs' mobile research group manager, said that Android users should pay close attention to the services that an application seeks permission to access.

"Automatically permitting a new application to access every service that it says it needs to means you could end up with malicious or unwanted applications doing all sorts of things without requesting any additional information", he said.

Infosecurity notes that, unlike many landline telcos, cellcos are under no obligation to block calls and texts to premium rate numbers, despite this facility being available in the early days of UK cellular services.

What’s Hot on Infosecurity Magazine?