Aggressive Virus Detected in Chinese Android App Store
Published on: 19th Aug 2012
Note -- this news article is more than a year old.
An anti virus vendor, TrustGo says that it has discovered a new and "extraordinarily aggressive" virus in China's largest Android marketplace, GFan.
Named Trojan!SMSZombie.A, the virus gives hackers remote control over victims' mobile SMS payments system allowing them to covertly authorize payments in any amount and at any time they wish. This new virus is also noteworthy because it includes self-protection mechanisms that make it difficult to eliminate.
Since its discovery on July 25th, the virus has been found in 7 apps in Chinese android markets and has infected more than 500,000 users. The company said that the virus' aggressiveness and advanced capabilities are believed to be a significant threat.
SMSZombie.A is distributed in popular live wallpaper apps and hides its viral payload by prompting users to accept additional files after installation. When users are tricked into taking this action, the malicious app displays a prompt to activate a new service that cannot be cancelled, and upon acceptance it then installs the code and disables users' ability to easily delete it.
Thus far, a number of provocatively named apps on GFan have been infected with SMSZombie. These include an app titled, "Android Animated Screensaver: Animated Album I Found When I Fixed My Female Coworker's Computer" as well as others with similar titles.
"By waiting to deliver malicious code until after installation, this virus is difficult to detect," said Xuyang Li, CEO of TrustGo.