AdaptiveMobile has released new insight into the continuing emergence of a new strain of Android Malware. AdaptiveMobile has been monitoring the development of the program as it has spread through multiple variants across the Chinese Android market.
The threat vector begins from an infected phone, where an SMS is sent to an uninfected device, informing the user that their friend/contact has attempted to share a photograph, document or file. When the user then clicks on the link in the text message they are directed to download an app from a malicious but seemingly legitimate source – a problem that is compounded by the fact that China does not have an official App Store like Google Play, significantly increasing the threat from counterfeit apps and download platforms.
Having installed the malware to their device and given permission to access contacts and messages, the program allows the primary attacker to monitor any and all messages sent from the infected device, potentially providing access to sensitive information such as personal and financial data while enabling the malware to spread to a wider network of contacts.