More Malware is now targeting Android devices

More Malware is now targeting Android devices

Researchers have recently discovered new malware that is targeting Android devices. One is a new variant of the "DroidDream" Trojan found in apps that Google recently  removed from the Android Market.  This included new variants of the "DroidDream Light" Trojan.  Fortunately, this malware was available in the Android Market for only a short period of time, so the number downloads was limited to less than 5,000, before it’s removal.

Additionally, four applications, all published by a developer named "Mobnet" called "Quick FallDown", "Scientific Calculator", "Bubble Buster", "Best Compass and Leveler" have been found, and similar to the samples of DroidDream found in March and May of 2011, the samples do not rely on an Android user to manually launch the infected application to start  These Malware variants have the capability to change the next connection time and the command-and-control server the Trojan distributor uses to communicate with the malware on the infected device.  Then it initiates an app download and creates several install-related prompts that direct the victim to download other apps; visit a potentially malicious Web address; and the download software that would in turn download an updated version of the malware.

A new Android Malware application named "HippoSMS" has also been released into the wild that is designed to incur phone charges by sending SMS messages to a hard-coded premium-rated phone number.  It also blocks or removes short messages that mobile service providers send to customers to warn them of additional charges.

Also, a new version of the Zitmo banking Trojan has been discovered that specifically targets Android devices  This particular malware poses as a banking activation application, and listens to all incoming SMS messages, and forwards them to a remote Web server. One-time pass codes that banks send to customer phones via SMS messages for two-factor authentication  purposes could be grabbed by this malware.

Android users can protect themselves from malicious apps by:

  • Downloading applications only from trusted sources and developers, who are known by name and rating.

  • Checking permissions that application request and using common sense to ensure that permissions match the applications features.

  • Being on the alert for unusual behavior on the phone, such as unknown applications being installed, SMS messages being sent to unknown recipients, or phone calls automatically being placed.

  • Installing Anti-Virus/Anti-Malware applications and keeping them regularly updated. 

The above mentioned issues are going to be even more critical as Point of Sale applications are increasingly directed towards providing supported use with mobile devices.

If you would like to know more about up-and-coming mobile applications for POS Systems, please contact CCS Retail Systems.  See our NEW CPMobile article.


Leave a Reply