SMS Trojan Found in Several Android Apps

Google has removed a group of mobile phone applications from its Android Market after it was discovered that the applications contained code that could be used to send SMS (Short Message Service) spam.

Android SMSGoogle has removed a group of mobile phone applications from its Android Market after it was discovered that the applications contained code that could be used to send SMS (Short Message Service) spam.

Google’s action came after a security firm in Taiwan published a security alert about the apps on Wednesday, saying that there were a total of 11 apps found to have the suspicious code in them. The advisory warns users that the apps send messages to three numbers that can cause users to be subscribed to paid services without their knowledge.The SMS functionality would only work when the user is located in China, according to the advisory.

The applications in question, with names like iBook, iCartoon, iCalendar, iMine, iMatch, iGuide, LoveBaby, 3D Cube horror terrible, Sea Ball, Shake Break and ShakeBanger, were all developed by a publisher called “zsone”
and published in the Android Market. However, the actual number of affected applications may be higher than the 11 identified so far. Google continues to investigate the incident, the company said.

The SMS messages appear to sign phone owners up for premium subscription services, but wouldn’t result in large numbers of SMS messages being sent from the phone. One application, “iCartoon,” was observed sending SMS messages to 1066185829, 106601412004, 1066953930 with special coded text like YXX1 or 921X1
to subscribe unknown service. “It does this just once, to prevent got
noticed by the user,” the advisory says.

It is unclear as of yet if these subscriptions result in a one-time charge or if users will recieve monthly charges for the fraudulent services.

This latest alert follows a high profile discovery in early march where researchers discovered and Google subsequently removed a number of apps found to contain a piece of Malware known as DroidDream.

Suggested articles