Android Malware Family Infecting Smartphones through SMS Phishing

339 1

A new Android malware family is infecting smartphones through SMS phishing. To infect the potential victims, the malicious actors send them SMS texts containing links. 300 samples of the malware have been found in the wild so far. Security expert from Tripwire commented below.

Craig Young, Security Researcher at Tripwire:

“The answer to this and most other SMS based threats is as simple as not clicking links received from unsolicited SMS or e-mail messages. While there may be little one can do to protect against for example 0-day vulnerabilities within the Android media server, most SMS attacks do not leverage any vulnerability other than human nature.

Users who fell victim to this attack not only failed to adhere to this simple principle but they also granted administrator privilege to the unknown application. In Android, after an application has been installed, it can request that the user grant additional permissions to lower level functionality on the device. A common ploy I have observed with Android ransomware is that the app will nag the user with constant pop-ups until the user complies by granting Administrator access. Once granted, an app can lock the user out of the device and make itself virtually impossible to remove without the aid of security or debugging tools.  The best bet when an app is persistently asking to become an Administrator is to hold the power button to restart the phone and remove the malicious application.

Keeping the options enabled to only install apps from Google Play and to verify apps upon installation will also minimize exposure to such threats.”

About Tripwire
Tripwire logoTripwire is a leading provider of advanced threat, security and compliance solutions that enable enterprises, service providers and government agencies to confidently detect, prevent and respond to cybersecurity threats. Tripwire solutions are based on high-fidelity asset visibility and deep endpoint intelligence combined with business-context and enable security automation through enterprise integration. Tripwire’s portfolio of enterprise-class security solutions includes configuration and policy management, file integrity monitoring, vulnerability management and log intelligence.

In this article