New android malware disguised as racing game

10:50:00 PM

New android malware disguised as racing game


 

Racing game addicts, beware. This racing game for devices running Google's Android system may be racing to send home the data on your phone to its controller.
Computer security firm Trend Micro said the Trojanized Android app, "GoldDream," is disguised as a racing game called “Fast Racing."
"For a game, this Trojanized version needs a lot of permissions–more than is typical for an app like this," threats analyst Kevin Alintanahin said in a blog post.
Alintanahin said that when the phone boots, the malware will start its service named "Market" – seemingly to trick the user that it is just a harmless service.
The malware then monitors the user’s incoming text messages. Once a message is received, it will record the message and the original sender, and copy this to a text file named zjsms.txt.
It will also keep logs of incoming and outgoing calls and save them in a file zjphonecall.txt.
But he said this malware is also capable of communicating to a remote command-and-control (C&C) server.
"(This) attack can (also) connect to alternative servers if instructed to do so by its current C&C server. In addition, it can also update itself, which may be an attempt to make it harder to detect and remove," he said.
"Whatever C&C server it uses, it can phone home and send the phone’s information such as device ID, subscriber ID, and SIM Serial Number," he added.
The malware can even upload files, including the call and SMS logs.
Alintanahin said the malware can also receive the following commands:
install\uninstall apps make a call send a text message"Based on this new threat, it appears that Android malware writers have added some new features that are common in the desktop environment, but new to mobile devices," he said. — Source: LBG, GMA News

You Might Also Like

0 comments