Worm-like Android malware spreads using text messages

Samsapo uses a worm-like characteristic to spread to other Android devices

A new piece of malware for Android spreads itself via text messages and asks for a range of sensitive permissions, according to Eset.

A new piece of malware for Android spreads itself via text messages and asks for a range of sensitive permissions, according to Eset.

A piece of malware targeting Russian-speaking Android users abuses a person's contact list to try and infect other devices, according to security vendor Eset.

The malware, call "Android/Samsapo.A" can download other malicious files to a phone, steal personal information from a device such as text messages and block phone calls, wrote Robert Lipovsky, an Eset malware researcher. The malware uploads data to a domain that was registered about a week ago.

Samsapo spreads by sending text messages from an infected device to other people in the victim's contact list, a worm-like characteristic that has been used by other mobile malware programs.

The text message says "Is this your photo?" in Russian and has a link to an Android application package (.APK) file containing a copy of Samsapo.

"This technique wouldnt raise an eyebrow on Windows, but is rather novel on Android," Lipovsky wrote.

The APK file name makes it appear as a system utility: "com.android.tools.system v1.0." The program doesn't have a graphical user interface nor an icon in the application drawer, Lipovsky wrote.

Android will warn users when downloading applications from unknown sources. Google scans its Play store for malicious applications, which reduces the chance a user will download a malicious one.

Security experts generally recommend not downloading Android applications from third-party websites, as even legitimate looking applications may have been maliciously modified. Also, applications that ask for permissions such as reading and writing text messages should be viewed with caution.

Send news tips and comments to jeremy_kirk@idg.com. Follow me on Twitter: @jeremy_kirk

Tags securitymobile securityesetmalware

Comments

Comments are now closed

CSO Corporate Partners
  • f5
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Endpoint Security and Data Protection

Protect your computers and data.

Security Awareness Tip
Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.