New Trojan malware disguises itself as an Android game app

A new Trojan masquerading as a game app is targeting phones running Google's Android OS, subscribing to premium SMS services and sending information about the phone to its controller.

Computer security firm Sophos said the Trojan tags along in a legitimate Chinese game, "The Roar of the Pharaoh," which is not distributed on Google Play (formerly the Android Marketplace).

"Once installed the malicious application gathers sensitive information (IMEI, IMSI, phone model, screen size, platform, phone number, and OS version) and sends it off to the malware's authors. Like many other mobile Trojans, this one sends SMS messages to premium rate SMS numbers and is capable of reading your SMSs as well," Sophos said in a blog post.

Sophos said it detects the malware, which is attached to the game app distributed on unofficial download sites, as Andr/Stiniter-A.

But it also noted the new Trojan is unusual as it does not ask for any specific permissions during installation, which is often an indicator an application is up to no good.

It added the malware masquerades as a service called "GameUpdateService" - a very plausible name for a legitimate app if one were to check the processes running on his or her device.

Also, Sophos said the malware also attempts to communicate with four .com domains with a path of "tgloader-android," leading some to refer to this Trojan as TGLoader.

"Criminals love the free money laundering service provided by mobile phone providers. They can set up premium rate SMS numbers in Europe and Asia with little difficulty," Sophos noted.

It said the mobile phone companies provide the payment processing and the bad guys have their money and are long gone before the victim ever receives the phone bill with the fraudulent charges.

"As always, be sure to only install applications from official sources for the safest smartphone experience. While the sophistication of today's mobile malware is quite low, this won't remain true if there is a buck to be made," Sophos advised. — TJD, GMA News

Editor’s note:Yahoo Philippines encourages responsible comments that add dimension to the discussion. No bashing or hate speech, please. You can express your opinion without slamming others or making derogatory remarks.

  • Lenten procession more than just a spectacle VERA Files - The Inbox

    Text and photos by Kiersnerr Gerwin Tacadena, VERA Files Baliuag, Bulacan--This town is hosting what could be the country’s biggest Lenten procession consisting of more than 100 religious statues riding on carriages or carrozas. But concerns are being raised that … Continue reading → …

  • Holy Week in Mt Banahaw: Mysticism meets Catholicism VERA Files - The Inbox

    Text and photos by Patricia Isabel Gloria, VERA Files Dolores, Quezon—Around this time each year, hundreds of devotees flock to Barangay Sta. Lucia in Dolores, Quezon on the slopes of Mount Banahaw to celebrate Holy Week. Here, mysticism meets Catholicism, … Continue reading → …

  • Simbang lakad for Lolo Uweng VERA Files - The Inbox
    Simbang lakad for Lolo Uweng

    By April Anne Benjamin, VERA Files San Pedro, Laguna--For 14 Maundy Thursdays now, Inding Amoranto has prayed the rosary while walking the eight-kilometer distance from her house to the Shrine of Jesus in the Holy Sepulcher in the village of … Continue reading → …

POLL
Loading...
Poll Choice Options