Resources

Thursday, May 23, 2013

Just Another Mobile Phone Blog: New Trojan for Android steals the SMS-message

Just Another Mobile Phone Blog
// via fulltextrssfeed.com
New Trojan for Android steals the SMS-message
May 23rd 2013, 09:38

The company "Doctor Web" reported the discovery of a new malware for the platform Android, capable of intercepting incoming SMS-message and redirect them to malicious users. Trojan Android.Pincer.2.origin is a very serious threat to users, as in stolen them messages may be, including screening and mTAN-codes that are used by various financial systems, such as "Client-Bank" for confirmation of transactions, as well as other confidential user information.

Trojan detected by the specialists of "Doctor Web" a few days ago, is the second known member of the family Android.Pincer. Like its predecessor, the updated malware spreads as a security certificate, which is supposed to want to install on your mobile Android-powered device. If the unwary user installs and tries to run the Trojan, Android.Pincer.2.origin show a false report about the successful installation of the certificate, and then the time will not show any significant activity.

To boot with the operating system, the Trojan registers a system service CheckCommandServices, which subsequently runs as a background service. In case of a successful start at the next turn Android.Pincer.2.origin mobile device connects to a remote server and downloads the malicious him a number of information about the mobile device.Among them:

  • model name
  • serial number of the device
  • IMEI-id
  • the name of your service provider
  • A Cell Phone
  • language used by default in
  • version of the operating system
  • information about whether there is root-access

Next, the malicious program waits proceeds from intruders control SMS-message with the text type "command: [team name]" that provides instructions for further action. The following information: the interception of communications with the specified number, send an SMS with the specified parameters, performance of USSD-request, a warning message on the mobile device, change of address management server, sending an SMS with the text pong at a pre-specified number, changing rooms, which leaves a message with the text pong. intercept messages from command specified number enables the use of malware as a tool to carry out targeted attacks and steal specific SMS, for example, messages from the system "Client-Bank" containing mTAN-checking codes or confidential SMS, designed for the most different categories of people, from simple users to corporate executives and government agencies.

You are receiving this email because you subscribed to this feed at blogtrottr.com.

If you no longer wish to receive these emails, you can unsubscribe from this feed, or manage all your subscriptions

0 comments:

Post a Comment

Powered by Blogger.
 
topmobile-phone Copyright © 2009 Blogger Template Designed by Bie Blogger Template