Your one-stop web resource providing safety and security information to manufacturers

There is a cybercriminal campaign whose main goal is to distribute Android malware that sends SMS messages to premium rate numbers and to ensure success, attackers are abusing legitimate websites.

One example is a popular Bulgarian site that offers branded watches, said researchers at security provider Webroot. Those who visit it end up redirected to another website which serves the SMS Trojans.

Twitter Fixes Message Spying Bug
Facebook App for iOS Flawed
Facebook Flaw: Webcam Recording
Twitter SMS Vulnerability

There are at least three variations of this campaign. In one of them, Russian-speaking users end up lured with a fake Adobe Flash Player app.

Besides malicious Flash Players, victims also get a promise of a new Google Play site and an Android browser.

Schneider Bold

Once it finds itself on a mobile device, the malware collects information such as IMEI, IMSI, phone brand, and operator data and sends it back to a remote server . After that, it starts inflating the victim’s mobile bill by sending SMSs to premium rate numbers.

Pin It on Pinterest

Share This