Symantec has observed an uptick in malware targeting the Android mobile computing platform.
According to a bulletin from the security software company, the most recent example is the new Android Pjapps which, like other Android Trojans, is spreading via altered versions of legitimate applications hosted on unregulated third-party Android marketplaces.
Android.Pjapps masquerades as a popular “Steamy Window” app. The legitimate features of the original app are still present in the malicious version, but it also features additional functionality that allows an attacker to build a botnet. Among other things it is able to install applications, navigate to websites, add bookmarks to the user’s browser, send text messages and block text message responses. It also sends sensitive user information back to the attacker.
Symantec believes the malware has been designed and may be used to peddle ad campaigns and to obtain benefits from the use of third-party premium rate services at users’ expense.
To avoid becoming a victim of such Trojanized Android applications, Symantec recommends users:
* Only use regulated Android marketplaces for downloading and installing Android apps.
* Adjust Android OS application settings to stop the installation of non-market apps;
* Review other users’ comments on the marketplace to assist in determining if an app is safe;
* During the installation of Android apps, always check the access permissions being requested for installation; if they seem excessive for what the application is designed to do, it would be wise to not install the application;
* Utilise a mobile security solution on devices to ensure any downloaded apps are not malicious; and
* Enterprises should consider implementing a mobile management solution to ensure all devices that connect to their networks are policy compliant and free of malware.