ID: IRCNE2012071545
Date: 2012-07-10
According to "ZDNet", a new piece of malware has been discovered on more than 100,000 Android smartphones in China. It generates revenue by silently downloading paid apps and multimedia content from Mobile Market, an Android app store hosted by China Mobile, one of the largest wireless providers in the world.
TrustGo, which first discovered the malware, is calling this particular threat "Trojan!MMarketPay.A@Android" and has already found it on nine app stores: nDuoa, GFan, AppChina, LIQU, ANFONE, Soft.3g.cn, TalkPhone, 159.com, and AZ4SD. The security firm also disclosed the following eight package names for the malware:
- com.mediawoz.goweather
- com.mediawoz.gotq
- com.mediawoz.gotq1
- cn.itkt.travelskygo
- cn.itkt.travelsky
- com.funinhand.weibo
- sina.mobile.tianqitong
- com.estrongs.android.pop
MMarketPay.A works by placing malicious orders at Mobile Market. Normally, a Mobile Market customer receives a verification code via SMS after purchasing an app or multimedia content, which he or she has to input back into the market to start the download. China Mobile then adds this order to the customer's phone bill.
MMarketPay.A automates this process and downloads as much as it can so that victims rack up huge phone bills.
Android lets you download and install apps from anywhere (provided you have the following option enabled: Settings => Applications => Unknown sources). If you want to minimize the chance of downloading malicious apps, please only use the official Google Play store.
- 2