Targeted malware attack on Android devices steals contacts, text messages
This time, however, Kaspersky Labs believes it has uncovered the first known targeted malware attack on the Android platform. In this case, the targeted victims were Tibetan activists, but now we can see how such an attack might play out again.
Like many virus and malware attacks, this one started with an email that used social engineering and verbal manipulation. The hackers were able to access a high-profile Tibetan activist’s email and use that to send out the infected message to everyone in the contact list. Rather than being a poorly worded email promising riches from an abandoned bank account in North Africa, the message was carefully worded and designed to evoke action by the reader, in this case, a reference to an attached file with an ".apk" extension.
An APK is an Android Package file, and once the user opened it, an application called “Conference” would install itself on the device. The user would open the app and see a less carefully worded message, which served as a distraction while the malware scoured contacts on the device and SIM card and copied call logs, SMS messages, geo-location, and other data about the device.
As the targets were Tibetan activists, it does not take a giant leap to think that the hackers involved were from China. Kaspersky believes attacks like this will evolve and adapt to take advantage of future vulnerabilities.
In the meantime, the same no-nonsense rules apply to email and attachments. If you do not recognize the file extension or the message is unexpected, use a bit of scrutiny before blindly clicking on a link or attachment.
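As an added illustration of that scrutiny applied at the mail gateway (example code written for this page, not from Kaspersky or the original article), the sketch below flags email attachments that are Android packages, judged by content as well as by the ".apk" extension. The sample message, its filenames and the function names are constructed for the example.

```python
import email
import email.policy
import io
import zipfile
from email.message import EmailMessage


def looks_like_apk(payload: bytes) -> bool:
    """True if the bytes are a ZIP archive with a root AndroidManifest.xml."""
    try:
        with zipfile.ZipFile(io.BytesIO(payload)) as archive:
            return "AndroidManifest.xml" in archive.namelist()
    except zipfile.BadZipFile:
        return False


def find_apk_attachments(raw_message: bytes) -> list[tuple[str, str]]:
    """Return (filename, reason) for every attachment that is an Android package."""
    findings = []
    msg = email.message_from_bytes(raw_message, policy=email.policy.default)
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        payload = part.get_payload(decode=True) or b""
        if looks_like_apk(payload):
            # Content check catches packages renamed to dodge extension filters.
            findings.append((name, "content is an Android package"))
        elif name.lower().endswith(".apk"):
            findings.append((name, "filename ends in .apk"))
    return findings


def build_sample_message() -> bytes:
    """Constructed sample: a placeholder APK, the same bytes renamed, a text file."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        archive.writestr("AndroidManifest.xml", b"placeholder, not a real manifest")
        archive.writestr("classes.dex", b"placeholder, not real code")
    msg = EmailMessage()
    msg["Subject"] = "Constructed sample message"
    msg.set_content("Please see the attached file.")
    for filename in ("Conference.apk", "agenda.zip"):
        msg.add_attachment(buf.getvalue(), maintype="application",
                           subtype="octet-stream", filename=filename)
    msg.add_attachment("plain notes", filename="notes.txt")
    return msg.as_bytes()


if __name__ == "__main__":
    for filename, reason in find_apk_attachments(build_sample_message()):
        print(f"flag {filename}: {reason}")
```

The renamed copy is flagged on content alone, which is the case an extension-only filter misses.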
Classic Malware attack
1. The message
2. The bait
3. The scam
2. anywherehome (Posts: 971; Member since: 13 Dec 2011)
You call malware a typical app installed by the user after approval of contacts or SMS access? Then every app must be malware according to this logic :)
I think this is more dangerous:
"40% of iOS popular apps invade your privacy without any permission"
"Apple iOS Apps Leak More Personal Info Than Android"
"Apple lets kids easily spend parents' money, beware = easy to abuse your iDevices; very probably intention of Apple to spend your money by mistake"
We, Androids, know what we install; with iConboard you simply don't know anything :)
So logic tells me that we don't need any anti-malware when we approve any app... if you don't want malware, don't install it; it's called freedom :)
10. terabyteRouser (Posts: 452; Member since: 18 Oct 2011)
Unfortunately, you are a little naive.
16. anywherehome (Posts: 971; Member since: 13 Dec 2011)
Everything I wrote is a fact, deal with that ;-)
18. xtremesv (Posts: 238; Member since: 21 Oct 2011)
I support you. The naive people are the ones that trust everything they see posted on the internet. People should be more cautious and inform themselves. However this attack was not a simple 12-year-old wanting to steal a credit card number but a well-orchestrated plan with a specific agenda.
20. anywherehome (Posts: 971; Member since: 13 Dec 2011)
So I'm naive because I've just been given a refund for an app I didn't like and didn't accept a new permission they required because of its new update? Now you can see that you are a 12-year-old boy ;-)
This is called freedom and responsibility..... With iOS you have no freedom and you are a limited kid for Apple..... what's worse you are not safer with stealing iOS apps ;-)
22. xtremesv (Posts: 238; Member since: 21 Oct 2011)
Hahaha, the one I was supporting was your statement dude, please read and understand first before reacting to a comment.
23. anywherehome (Posts: 971; Member since: 13 Dec 2011)
OK sorry, it isn't clear if you mean me as naive to trust my sources :-)
14. haseebzahid (Posts: 1836; Member since: 22 Feb 2012)
Doesn't change the condition of Android either if you're pointing at Apple's one; both suck at the malware thingie,
and the reason is they are used by the masses, so it's a good hunting ground for hackers.
21. anywherehome (Posts: 971; Member since: 13 Dec 2011)
With Android it is almost perfect: when you don't accept a permission an app requires, don't install it, unlike the limited iConboard :-)
It's called freedom and in freedom you have to behave responsibly unlike kids with iConboards :-)
3. RaKithAPeiRiZ (Posts: 1384; Member since: 29 Dec 2011)
I had no idea that Tibetan monks use Androids.
4. jose.vu (Posts: 16; Member since: 28 Mar 2013)
"the targeted victims are Tibetan activists" ---> then it's easy to see this is an act of the f**king communist party from China ... they will sure later deny and say ppl made this up to make China look bad ...
5. boosook (Posts: 1090; Member since: 19 Nov 2012)
Android does not allow the installation of apps not downloaded from the market unless you specifically enable it, and if you enable it Android would ask for a confirmation with a dialog box anyway. Besides, if you allowed downloaded apps installation, you would surely know that you don't have to install an apk you received in an email from an unknown source.
And anyway you would be notified of the permissions required by the app.
So I don't see a real security threat here, whether you're a beginner or an advanced user.
Anyway, it's a measure of Android's popularity, though it is a poor attempt. :)
6. Nkolsen (Posts: 57; Member since: 28 Mar 2013)
Sorry, but if they take this bait, it's their own fault. NEVER AND I MEAN NEVER install 3rd party apk's....
8. TheMan (Posts: 424; Member since: 21 Sep 2012)
Especially if it's from Facebook!
7. rusticguy (Posts: 2828; Member since: 11 Aug 2012)
Only a fool would act on such spam mails and a still bigger fool would open the attachment in a mail from unknown source.
9. Aeires (unregistered)
Who in their right mind installs apk files from junk mail? If you get this malware it's completely your fault for doing stupid things.
11. xperiaDROID (banned) (Posts: 5629; Member since: 08 Mar 2013)
Malware.....malware.....blah blahblah. The person who invented the malware should go to jail.
15. rusticguy (Posts: 2828; Member since: 11 Aug 2012)
M$ started it as an internal project long long back.... others then picked it up.
17. xperiaDROID (banned) (Posts: 5629; Member since: 08 Mar 2013)
Are you sure about that? I don't want to blame Microsoft again.
12. gmracer1 (Posts: 646; Member since: 28 Dec 2012)
aaaaaahahahaha nice try on this one! BAAAAHAHAHAAAAAAA
13. networkdood (Posts: 6326; Member since: 31 Mar 2010)
Again, you had to allow this to happen on your phone...stupid is as stupid does....right Forest?