It seems like every other week, we hear of a new malware that's been wreaking havoc on Android phones. But a new Trojan uncovered by security firm Kaspersky Lab stands head and shoulders above the ever-growing crowd of Android-targeted malware.
What the malware, technically named Backdoor.AndroidOS.Obad.a, does is nothing new: It sends text messages, or SMS, to premium numbers, as the charges accrue on the infected-Android user’s account.
In addition, the Trojan gathers personal data stored on the phone and sends it to a remote server controlled by the cybercriminals who created it.
But how the criminals actually carry out the cyberattack is much more interesting — and more dangerous. The coders of this malware obviously know what they're doing. In addition to encrypting their code more heavily than most cybercriminals, they discovered three previously unknown bugs in Android software, two of which are in the Android operating system itself. The Trojan exploits these vulnerabilities to penetrate infected Android phones as well as disguise its tracks.
[See also: Hipster Cybercrime: Malware Goes Retro for 2013 ]
One of these vulnerabilities allows Backdoor.AndroidOS.Obad.a to take Device Administrator privileges on the infected Android. That means it has access to all of the phone's data, programs and other functions.
However, the Trojan won't appear on the list of programs with Device Administrator privileges, so it's impossible to delete it from the phone. In fact, the Trojan doesn't use an interface at all. Like all malicious programs, it does present an initial installation request on the screen, usually with language that tries to trick the user into clicking OK.
After that, however, the malware runs entirely in the background.
It's rare to see such advanced obfuscation techniques in mobile malware, Kaspersky Labs said. The firm was the first to uncover the Trojan, calling it the "most sophisticated" malware program it has seen for Android to date.
"At a glance, we knew this one was special," security expert Roman Unuchek wrote on SecureList, the company's research blog.
Kaspersky Labs' Android anti-virus software is now able to detect Backdoor.AndroidOS.Obad.a and prevent it from compromising the infected device. The company has also notified Google of the bugs the malware exploited.
- 10 Things You Must Know About Malware Infections
- 13 Security and Privacy Tips for the Truly Paranoid
- Antivirus for Android: Top Ten Reviews
© 2012 TechNewsDaily