nsane.forums Posted July 9, 2012 Share Posted July 9, 2012 A new piece of Android malware called "Trojan!MMarketPay.A@Android" has been found on at least nine app stores, and has already infected over 100,000 Chinese smartphones. It works by automatically downloading paid content in the background. A new piece of malware has been discovered on more than 100,000 Android smartphones in China. It works by silently downloading paid apps and multimedia content from Mobile Market, an Android app store hosted by China Mobile, one of the largest wireless providers in the world. TrustGo, which first discovered the malware, is calling this particular threat "Trojan!MMarketPay.A@Android" and has already found it on nine app stores: nDuoa, GFan, AppChina, LIQU, ANFONE, Soft.3g.cn, TalkPhone, 159.com, and AZ4SD. The security firm also disclosed the following eight package names for the malware:com.mediawoz.goweathercom.mediawoz.gotqcom.mediawoz.gotq1cn.itkt.travelskygocn.itkt.travelskycom.funinhand.weibosina.mobile.tianqitongcom.estrongs.android.popMMarketPay.A works by placing malicious orders at Mobile Market. Normally, a Mobile Market customer receives a verification code via SMS after purchasing an app or multimedia content, which he or she has to input back into the market to start the download. China Mobile then adds this order to the customer's phone bill. MMarketPay.A automates this process and downloads as much as it can so that victims rack up huge phone bills. It finds paid content, simulates a click action in the background, intercepts the received SMS messages, and collects the verification code sent by Mobile Market. If a CAPTCHA image is invoked, the malware posts the image to a remote server for analysis. In short, MMarketPay.A is a complex little bugger. If you're using an Android device on China Mobile, you may want to check your phone bill and make sure there's nothing suspicious on it. Android lets you download and install apps from anywhere (provided you have the following option enabled: Settings => Applications => Unknown sources). If you want to minimize the chance of downloading malicious apps, please only use the official Google Play store. View: Original Article Link to comment Share on other sites More sharing options...
sanjoa Posted July 9, 2012 Share Posted July 9, 2012 This is something that scares me :fear: : so many Android malware hanging around. Link to comment Share on other sites More sharing options...
Administrator DKT27 Posted July 9, 2012 Administrator Share Posted July 9, 2012 This is something that scares me :fear: : so many Android malware hanging around. Noticed how many of them do not originate from Google Play? Don't be too worried if you download from Google Play, and always check the reviews. Link to comment Share on other sites More sharing options...
Nemesis Posted July 10, 2012 Share Posted July 10, 2012 the google play store is very good, unless you want :pirate: software, you shouldn't need to go anywhere else. Link to comment Share on other sites More sharing options...
Ambrocious Posted July 10, 2012 Share Posted July 10, 2012 Well, for nice pirated software, I always use Applanet:http://applanet.net/ Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.