Tag: android mobile security

Mobile security worm threat targets Android devices

The Selfmite malware has been spreading its way through smartphones by way of links in text messages.

A new mobile security threat in the form of the Selfmite Android malware has been making the rounds through a malicious link that is being distributed by way of text messages to the contacts on the device user’s list.

This link leads to a rare Android worm that has now been discovered by security researchers.

By the time this Selfmite mobile security threat is installed onto a device, this malware texts 20 contacts from the address book of the smartphone owner. This is a different type of threat from what is usually seen over Android devices, as the majority of those problems are in the form of Trojan apps that do not have their own mechanisms for self propagation. Instead, they are distributed to smartphone and tablet users by way of non-official app stores.

This new mobile security problem is the second threat of this nature that has been discovered in the last 2 months.

This may suggest that the number of malware attacks in the form of worms could be on the rise into the future. The text message that is sent by the Selfmite worm contains the name of the contact, so that it says “Dear [Contact’s Name], Look the Self-time,” and is followed by a URL that has been goo.gl shortened.Mobile security worm threat

This infected link directs the user to an APK file that is called “TheSelfTimerV1.apk”. This Android application file is hosted on a remote server, according to the AdaptiveMobile security firm researchers who identified the threat. If the user chooses to install this APK, then “The self-timer” is placed into the app list.

From that point, it not only spreads itself to 20 contacts through texts from that device, but it also attempts to encourage that device’s user to download and install another file, which is called mobogenie_122141003.apk through their mobile browser.

That is actually a legitimate app called Mobogenie, which gives Android users the chance to synch their devices with their PCs so that they can download applications form an alternative app store. That application has already received over 50 million downloads from Google Play but is heavily promoted through affiliate marketing strategies, which can incentivize fraudulent distribution by unethical individuals willing to use mobile security threats to try to make money.

Mobile security threat takes aim at text messages

New malware is now causing problems, particularly with Android users who speak Russian.

Just as smartphone users are beginning to realize that their small screen devices could suffer just as big a malware threat as their laptops and desktop computers, a new mobile security announcement has been made which has revealed that Android users who speak Russian are being targeted by a new type of text based attack.

This specific form of mobile malware moves right in to the device contact list to spread and infect others.

According to Eset, a security vendor, the malware is a worm-like virus called “Android/Samsapo.A”. Once it has made its way into a device, it can download other malicious files into that device, as well, making it a mobile security problem that only gets worse. It can also steal an individual’s personal information from his or her smartphone or tablet, including from text messages, and it can block phone calls from being made or received.

This mobile security threat is a very new one and it is important for device users to be aware of it.

According to a malware researcher from Eset, Robert Lipovsky, this virus uploads the data that it obtains from a device into a domain that is less than a month old. The spread of the Samsapo virus occurs by automatically sending out text messages from the infected mobile device so that they will be received by other people whose contact data is saved within the address list.mobile security - texting

The virus has a rather worm-like characteristic in that has been used in other forms of malware that have been infecting smartphones and even tablets. In this specific case, the text message that spreads the virus currently says, in Russian, “Is this your photo?”. It provides a link that directs the device user to an Android app package file (.APK), which contains a copy of the virus, which will then be downloaded into the new device, starting the process over again.

Lipovsky stated that “This technique wouldn’t raise an eyebrow on Windows, but is rather novel on Android.”

The best way to avoid this type of mobile security breach is to avoid the download of third party platform apps, and to keep away from websites that provide sketchy, illegal, threatening, or dangerous content.