tag:blogger.com,1999:blog-90762172917607483152024-02-21T00:24:58.829-08:00Android Anti-VirusAndroid Anti-Virushttp://www.blogger.com/profile/09291252983066226587noreply@blogger.comBlogger1125tag:blogger.com,1999:blog-9076217291760748315.post-36156553123138642872010-08-11T07:52:00.001-07:002010-08-11T07:52:33.394-07:00First SMS Trojan for Android (Trojan-SMS.AndroidOS.FakePlayer.a)<div style="text-align: center;">I think the title of this post speaks for itself. Trojan-SMS.AndroidOS.FakePlayer.a passes itself off as a media player application. If the user chooses to install it, this icon with the name "Movie Player" will appear in the list of applications:</div><div style="text-align: center;"><br />
</div><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEib8bIJDkAfSJEuhg3ywMw1j-cvjBJnNjxUx49GNufBs4VdPE-_42arMGms-pyVkk4zRajz-Py-Tpx4liKqCPSrrPl5uPIKesveFhvKKNsCcAOse6WvpNTropOv2HOhkhsIuBlZa9LLouI/s1600/sssssssssssssss.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEib8bIJDkAfSJEuhg3ywMw1j-cvjBJnNjxUx49GNufBs4VdPE-_42arMGms-pyVkk4zRajz-Py-Tpx4liKqCPSrrPl5uPIKesveFhvKKNsCcAOse6WvpNTropOv2HOhkhsIuBlZa9LLouI/s320/sssssssssssssss.png" /></a></div><div style="text-align: center;"><br />
</div><div style="text-align: center;"><br />
</div><div class="c" style="text-align: center;"><br />
</div><div style="text-align: center;"><br />
</div><div style="text-align: center;">The malware sends SMS messages to two premium rate numbers 3353 and 3354, with each message costing approximately $5. It does this stealthily, without requiring any confirmation from the device owner.</div><div style="text-align: center;"><br />
</div><div style="text-align: center;"><a href="http://www.blogger.com/post-create.g?blogID=9076217291760748315" name="readmore"></a>During installation, the user is asked to allow this application to send SMS.</div><div style="text-align: center;"><br />
</div><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjUtBNsXvS8y67ihNDds53Y0Ix9EdMFd7O66u71oUy57ffhHMvxIaTkCOGFxgnRVRk6Gu8FqmStC8O0HZ0fxT5PoYvLP-bkcZL_XTGlf2TQRtkspMcvPznQdD430I87n6oCCSDTDKcNaUE/s1600/snap20100811_161830.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjUtBNsXvS8y67ihNDds53Y0Ix9EdMFd7O66u71oUy57ffhHMvxIaTkCOGFxgnRVRk6Gu8FqmStC8O0HZ0fxT5PoYvLP-bkcZL_XTGlf2TQRtkspMcvPznQdD430I87n6oCCSDTDKcNaUE/s320/snap20100811_161830.png" /></a></div><div style="text-align: center;"><br />
</div><div style="text-align: center;"><br />
</div><div style="text-align: center;"><br />
</div><div style="text-align: center;">This is a huge red flag - why does a simple media player require permission to send SMS messages? – and anyone who’s paying attention during the installation process will immediately be suspicious.</div><div style="text-align: center;"><br />
</div><div style="text-align: center;">This flags up an important point: when installing a new program, you really should pay attention to which services the application requests access to. Automatically permitting a new application to access every service it requests means you could end up with malicious or unwanted applications doing all sorts of things without requesting any additional confirmation. And you won’t know anything about it.</div><div style="text-align: center;"><br />
</div><div style="text-align: center;">Trojan-SMS.AndroidOS.FakePlayer.a is quite a development – yet another popular mobile platform, and one with an ever increasing market share is now being targeted by the bad guys. At the moment, although anyone’s device can be infected, the Trojan only causes losses for Russian users, and as far as we can tell, it’s currently not being spread via Android Marketplace.</div><div style="text-align: center;"><br />
</div><div style="text-align: center;">In the past, though, we’ve seen plenty of local problems evolve to become global ones. And when we get malware that uses a new infection vector or targets a previously untouched platform, we know that sooner or later, there will be more on the way.</div><div style="text-align: center;"><br />
</div><div style="text-align: center;"><br />
</div><div style="text-align: center;"><br />
</div><div style="text-align: center;"><br />
</div><div style="text-align: center;">Using "MyAntiVirus Pro" is it possible to detect the Virus (Trojan-SMS.AndroidOS.FakePlayer.a) :</div><div style="text-align: center;"><br />
</div><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhyLB6Pfs0g2uGwEjMDNXpvqfIQ-igUgu2rH6WQxmc9O_vVwCGnMSCbAV6Ddr_w8mEBMs1abp7ZNSbJcGIWpbklkWzJ7bVToSsM5hnlFy1PAmHpwhabpn_5NRLLiH816sPzEaq-T64chXA/s1600/qrcode.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhyLB6Pfs0g2uGwEjMDNXpvqfIQ-igUgu2rH6WQxmc9O_vVwCGnMSCbAV6Ddr_w8mEBMs1abp7ZNSbJcGIWpbklkWzJ7bVToSsM5hnlFy1PAmHpwhabpn_5NRLLiH816sPzEaq-T64chXA/s320/qrcode.png" /></a></div><div style="text-align: center;"><br />
</div><div style="text-align: center;"><br />
</div><div style="text-align: center;"><br />
</div><div style="text-align: center;"><br />
</div><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEguJTqWuZyhxaZH1IIoIYzVDmWwyhcq67wmbq2sf5JnjchUI7IfVEmEOdp_rSIEXMWF-hZpdoWwwmwrxZ_x8lUhGGPU1EXQfcudKzxP5E3Gq_heiyHzlShX6tl7zpqxNk42uJhEFM8-zNA/s1600/snap20100811_161830.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEguJTqWuZyhxaZH1IIoIYzVDmWwyhcq67wmbq2sf5JnjchUI7IfVEmEOdp_rSIEXMWF-hZpdoWwwmwrxZ_x8lUhGGPU1EXQfcudKzxP5E3Gq_heiyHzlShX6tl7zpqxNk42uJhEFM8-zNA/s320/snap20100811_161830.png" /></a><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhz7tFDN8qE4Cs7MHVSkip4n4rylrDHsbzipcyfEKGhAOAXaVJkmyHnKO0WgKv3tDn4YIUhyWnrzfJOMX5kUkS_PmeQ7m1xzP7TAwybuReijTYha5AAk9-R9DnyTkaT4mls-_1z3XL-rcE/s1600/snap20100811_161907.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhz7tFDN8qE4Cs7MHVSkip4n4rylrDHsbzipcyfEKGhAOAXaVJkmyHnKO0WgKv3tDn4YIUhyWnrzfJOMX5kUkS_PmeQ7m1xzP7TAwybuReijTYha5AAk9-R9DnyTkaT4mls-_1z3XL-rcE/s320/snap20100811_161907.png" /></a><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjET-R5Wct_q8FPciXfX8LX9YSQF3xChulL8MfhEfwdWaBj0BO4HRIitO21lOZCvtkfAGUX-RumZdkRxA_BcTfyn2PaVqdMHFU_Q3d-f8lKgDzezeuAd2_FLs6EVTV8qZHXzg9EOQ7V_7E/s1600/snap20100811_161917.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjET-R5Wct_q8FPciXfX8LX9YSQF3xChulL8MfhEfwdWaBj0BO4HRIitO21lOZCvtkfAGUX-RumZdkRxA_BcTfyn2PaVqdMHFU_Q3d-f8lKgDzezeuAd2_FLs6EVTV8qZHXzg9EOQ7V_7E/s320/snap20100811_161917.png" /></a><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjtiohxRlr5exV_dzsiPoBt9LGwfjDf4QcS38lgLyYH39oDvrkM3w_Gw5VKVCalIRmS5w-URlNXBE0stRewTgZ3Aurcosyn-6zkCZpRpVuVoSOft-pGG-kRmpH3yoTs0dQMDHKWX87t2QI/s1600/snap20100811_161935.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjtiohxRlr5exV_dzsiPoBt9LGwfjDf4QcS38lgLyYH39oDvrkM3w_Gw5VKVCalIRmS5w-URlNXBE0stRewTgZ3Aurcosyn-6zkCZpRpVuVoSOft-pGG-kRmpH3yoTs0dQMDHKWX87t2QI/s320/snap20100811_161935.png" /></a><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiQGUc5dRKFvxLyJ1RqVdL_IQVYUgGS48Jyx85HWH4J-cVCeYQGnbaWHXtmhGA_nyk-0C46Iytd6FDRFBJuIEXMsPHlAcIBE2Ni6Tbkg9MusDqUViSnPKkJuQ5DfO_F1NgQ7GmL5BbaFSk/s1600/snap20100811_161942.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiQGUc5dRKFvxLyJ1RqVdL_IQVYUgGS48Jyx85HWH4J-cVCeYQGnbaWHXtmhGA_nyk-0C46Iytd6FDRFBJuIEXMsPHlAcIBE2Ni6Tbkg9MusDqUViSnPKkJuQ5DfO_F1NgQ7GmL5BbaFSk/s320/snap20100811_161942.png" /></a><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiKxK9PzK_jGQb-oZlTvsDPkUpRj_OOPNgHQqRIg0OOZI2wOJbFH0fZmxKPKrdLNtLTpi5vE0ISXq4bhzdFoPnHPmG3t1D8QsjqzVSA6jSz5Po2xxpUV8wAF9lUO-MlBld_wB0kSRa7syc/s1600/snap20100811_161946.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiKxK9PzK_jGQb-oZlTvsDPkUpRj_OOPNgHQqRIg0OOZI2wOJbFH0fZmxKPKrdLNtLTpi5vE0ISXq4bhzdFoPnHPmG3t1D8QsjqzVSA6jSz5Po2xxpUV8wAF9lUO-MlBld_wB0kSRa7syc/s320/snap20100811_161946.png" /></a><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiXnO8lxS1pzuYZr0Sqxh8_0ssxsoLxrG90SJ2Sk3Fz0_C3lJbvVcO6O5GyXzUuXY0RVgQeB0_G8FiIJNuqhpS3yU7tnrV1bub8bjj3A5NfJVHhnug-wBjV2dCM5rQimKWMRsj1XKKRUPw/s1600/snap20100811_161952.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiXnO8lxS1pzuYZr0Sqxh8_0ssxsoLxrG90SJ2Sk3Fz0_C3lJbvVcO6O5GyXzUuXY0RVgQeB0_G8FiIJNuqhpS3yU7tnrV1bub8bjj3A5NfJVHhnug-wBjV2dCM5rQimKWMRsj1XKKRUPw/s320/snap20100811_161952.png" /></a><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgb3dNwPjJIFneZhWKcQa9eYbCNWkvTZFCtRUdhwBHI6RKIUoomh-UlPHWQIxXvjPFFPtPQ1cn0qHoQw8jAZGGQXSHwbcI6FLJ4E2HSryww2tcTIhKCEm08DnXG6DD1z5BP234Qo6xmboY/s1600/snap20100811_162055.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgb3dNwPjJIFneZhWKcQa9eYbCNWkvTZFCtRUdhwBHI6RKIUoomh-UlPHWQIxXvjPFFPtPQ1cn0qHoQw8jAZGGQXSHwbcI6FLJ4E2HSryww2tcTIhKCEm08DnXG6DD1z5BP234Qo6xmboY/s320/snap20100811_162055.png" /></a><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj9Husb99CMaBSI8rKHrfo-2Gf2ptoC7Vdk4-BM5d2ArK1XyHkAWi1xNWcO23_YQCTsGUWl5c_ya8saaQjgtB_ZJmC_azN0EwaLE8Zp6Lgp78z8hfAM9smzR9D7ySW1LLRnmqDlZCexis0/s1600/snap20100811_162103.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj9Husb99CMaBSI8rKHrfo-2Gf2ptoC7Vdk4-BM5d2ArK1XyHkAWi1xNWcO23_YQCTsGUWl5c_ya8saaQjgtB_ZJmC_azN0EwaLE8Zp6Lgp78z8hfAM9smzR9D7ySW1LLRnmqDlZCexis0/s320/snap20100811_162103.png" /></a><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiVbv6hUihkyVJ2klG5IzxAO8nelolFRG7cORzuJFyTPgLsSq96rIf6SOyLLUga7BJjC5B0AKXpryPIEIpqROS0mfZn_QcWD-oc4T5IIA1lAtbG7YAFfVf1qMvYB7ctC6WZVsCWbmFatHA/s1600/snap20100811_162108.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiVbv6hUihkyVJ2klG5IzxAO8nelolFRG7cORzuJFyTPgLsSq96rIf6SOyLLUga7BJjC5B0AKXpryPIEIpqROS0mfZn_QcWD-oc4T5IIA1lAtbG7YAFfVf1qMvYB7ctC6WZVsCWbmFatHA/s320/snap20100811_162108.png" /></a><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhlJZM93mCIjRZSAHimLDsD2RWadBaYv4i3LGMDgOK9PfIC92zxLO2OSIlIYCuG_1Kh7A5ZT4qV9bUqQ5dgv8PNhX7NGe7AoUAHnmRWLHt-BZnAfYoZHqzWVGKPrfq00MMkYGEKY2JrZ7o/s1600/snap20100811_162111.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhlJZM93mCIjRZSAHimLDsD2RWadBaYv4i3LGMDgOK9PfIC92zxLO2OSIlIYCuG_1Kh7A5ZT4qV9bUqQ5dgv8PNhX7NGe7AoUAHnmRWLHt-BZnAfYoZHqzWVGKPrfq00MMkYGEKY2JrZ7o/s320/snap20100811_162111.png" /></a></div><div style="text-align: center;"><br />
</div>Android Anti-Virushttp://www.blogger.com/profile/09291252983066226587noreply@blogger.com0