We have a bad news for Android Users,
especially who use SMS Services for Business needs. A new Android
Malware has been found by a Russian Security company, Dr Web,
which can get access to your incoming SMS Messages and forward them to
cyber criminals. As said before, the Malware would be majorly affecting
people who used to pass codes or something through SMS Messages.
The company has detected that
the Malware is “Android.Pincer.2.origin”, which is the latest destroyer
from “Android.Pincer” family. These malwares are installed in your PC
under the label of Security Certificate, which means that even a
well-known user can be also in trouble.
Moreover, the major fact is that the
installation will not show you any effects in your Android device soon,
but will start its works after a while. But whenever you start you start
your Android after the installation, the Trojan software will be
running background and could send much sensitive data like Handset
model, IMEI Number, Serial Number, Carrier information, mobile number,
Operating System and on top of all, availability of root account.
Once get installed, the Trojan is able to use following commands for performing various malicious acts.
- start_sms_forwarding [telephone number]— begin intercepting communications from a specified number
- stop_sms_forwarding — stop intercepting messages
- send_sms [phone number and text] — send a short message using the specified parameters
- simple_execute_ussd — send a USSD message
- stop_program—stop working
- show_message—display a message on the screen of the mobile device
- set_urls – change the address of the control server
- ping – send an SMS containing the text ‘pong to a previously specified number
- set_sms_number—change the number to which messages containing the text string ‘pong’ are sent.
All these commands mean that the Trojan
is a specific type and can be used for attacking and stealing specific
SMS messaging in order to harass or blackmail someone. The first
command, especially, can be used for finding the messages, which
includes banking details for an example.
Still the Trojan is not a major threat,
as it is not admitted to Google Play. However, if you are an Android
user who uses other web services and sites for downloading application,
you should be very careful about it. Anyways, it won’t cost you anything
by being a bit aware about the malware so that you can detect whenever
you see such a Security Certificate notification.
This is dummy text. It is not meant to be read. Accordingly, it is difficult to figure out when to end it. But then, this is dummy text. It is not meant to be read. Period.
ConversionConversion EmoticonEmoticon