Your one-stop web resource providing safety and security information to manufacturers

A new Android malware is using SMTP to send the data it steals to its masters.

In general, there’s nothing out of the ordinary about this malware, said researchers from F-Secure. It poses as “Google Service” to remain undetected, and it makes sure it stays persistent by asking the user to activate device administrator.

RELATED STORIES
False AVG Antivirus App Targets Android
New Way to Spread Android Trojan
Mobile Spam Risks on Rise
Threat Report: Mobile Attacks Taking Off

Once installed, it starts collecting information such as phone number, sent and received SMS messages and recorded audio.

The harvested information ends up added to an email and sent via SMTP servers such as smtp.gmail.com, smtp.163.com and smtp.126.com back to the cybercriminals.

Schneider Bold

F-Secure researchers said they believe Chinese developers created the Trojan, detected as Trojan:Android/SMSAgent.C.

Researchers first found the threat one month ago on alternative Android app markets and other precarious websites. Currently, it’s still out there on the loose.

Pin It on Pinterest

Share This