“Kaspersky Lab is reporting that ‘For the first time malware is being distributed using botnets that were created using completely different mobile malware,'” Steven J. Vaughan-Nichols reports for ZDNet. “Isn’t that special?”
“Kaspersky describes the malware culprit, Backdoor.AndroidOS.Obad.a, as the ‘most sophisticated Android Trojan yet,'” Vaughan-Nichols reports. “The Russian antivirus company also has said that Obad.a is looking ‘closer to Windows malware than to other Android Trojans, in terms of its complexity and the number of unpublished vulnerabilities it exploits.”
Vaughan-Nichols reports, “If the user clicks on the link, a file named mms.apk, containing Opfake.a, is automatically loaded onto the smartphone or tablet. Then again, the user has to be a bit of an idiot and users run the downloaded program.”
MacDailyNews Take: They settled for a pretend iPhone in the first place, Steven, so odds are high.
Vaughan-Nichols reports, “The net result is that this botnet is capable of spreading Opfake.a and Obad.a very quickly. Kaspersky concluded that there are .12 versions of Backdoor.AndroidOS.Obad.a. All of them had the same function set and a high level of code obfuscation. Each used an Android OS vulnerability that allows the malware to gain Device Administrator rights and made it significantly more complicated to delete..”
Read more in the full article here.
MacDailyNews Take: “Open” in all the wrong ways.
[Thanks to MacDailyNews Reader “James M. Gross” for the heads up.]
Related articles:
U.S. DHS, FBI warn of malware threats to Android mobile devices – August 27, 2013
Android app malware rates skyrocket 40 percent in last quarter – August 7, 2013
First malware found in wild that exploits Android app signing flaw – July 25, 2013
Mobile Threats Report: Android accounts for 92% of all mobile malware – June 26, 2013
Latest self-replicating Android Trojan looks and acts just like Windows malware – June 7, 2013
99.9% of new mobile malware targets Android phones – May 30, 2013
Mobile malware exploding, but only for Android – May 14, 2013
Mobile malware: Android is a bad apple – April 15, 2013
F-Secure: Android accounted for 96% of all mobile malware in Q4 2012 – March 7, 2013
New malware attacks Android phones, Windows PCs to eavesdrop, steal data; iPhone, Mac users unaffected – February 4, 2013
FBI issues warning over Android malware attacks – October 15, 2012
Researchers discover serious flaw in Android app security, say HTC and Samsung ignore issue – September 28, 2012
Apple’s iPhone has passed a key security threshold – August 13, 2012
Android permissions flaw allows eavesdropping, data theft, location tracking – December 2, 2011
Massive HTC Android security flaw leaves security expert speechless – October 2, 2011
Apple’s iOS unaffected by malware as Android exploits surge 76% – August 24, 2011
Android malware records phone calls; iPhone users unaffected – August 2, 2011
Symantec: Apple iOS offers ‘full protection,’ Google Android ‘little protection’ vs. malware attacks – June 29, 2011
Malware apps spoof Android Market to infect Android phones – June 21, 2011
Google forced to pull several malware-infested apps from Android market – June 8, 2011
Android malware sees explosive growth; even faster than with PCs – April 27, 2011
Virus-laden apps infest Google’s ‘open’ Android platform; iPhone unaffected – March 3, 2011
Security firm warns of new Android trojan that can steal personal information; iPhone unaffected – December 30, 2010
Trojan infects Android smartphones; iPhone unaffected – August 10, 2010
Millions of Android phone users slammed by malicious data theft app – July 29, 2010
Unlike proactive Apple, reactive Google doesn’t block malware from Android app store – June 4, 2010
Malware designed to steal bank information pops up in Google’s Android app store – January 11, 2010