Bidvert-advert

Stay Update - ICT Security

Enter your email address:

We hate spam as much as you do and we will never sell, barter, or rent your email address to any unauthorized third party.

Most Frequently Used Software


CURL / XPertMailer / AutoBlogger / (Parser - PHP Simple HTML DOM)

domenica 22 gennaio 2012

Android app malware exploits Carrier IQ controversy

Stephanie Wright, Contributor

A new malicious Android application targeting device owners in France is benefiting from the Carrier IQ controversy, in line with researchers at Symantec.

Once installed, the Android app malware searches for Carrier IQ software, displays details about the device after which declares the absence of the software. When the victim attempts to uninstall the applying, the Trojan sends SMS messages to a premium-rate number. Symantec calls the Trojan Android.Qicsomos.

The rogue application isn't at the Android Market and looks within the device menu with an icon just like the brand of a significant European telecom operator, said Symantec researcher Irfan Asrar.  The malware is assumed to be spreading via a spam or phishing campaign.

“We cannot find any trace of this at the Android Market, which leads us to believe there is a social engineering vector getting used to spread the malware, which includes a spam or phishing campaign pretending to be from an official carrier asking the users to download and run the software,” Asrar wrote within the Symantec blog.

The safe strategy to dispose of the applying is to uninstall it from the appliance management settings mainly menu, Asrar said.

The application also contains certificate published in the course of the Android Open Source Project. The certificate should only be capable to fool older devices, Asrar said. Most commercial devices isn't affected.

The Carrier IQ controversy came to light in December, when a researcher discovered the software running in stealth mode on some smartphones. The software, which was installed by a couple of major carriers without informing device owners, was designed to send pertinent details about the use of the device. The Carrier IQ software was found to capture only data laid out in carriers in keeping with their privacy standards and agreements with users.

Similar mobile applications designed to detect Carrier IQ can be found free of charge. Romania-based antivirus vendor BitDefender has issued an Android application designed to detect the Carrier IQ software. San Francisco-based Lookout Labs created a Carrier IQ detector. Both applications cannot remove Carrier IQ software from the device since the software is integrated with the device firmware. 


Dig Deeper
  • People that read this also read...


Pubblicato da alle 23:56

Nessun commento:

Posta un commento

Comments links could be nofollow free

Iscriviti a: Commenti sul post (Atom)