Android worm Selfmite.b sends texts all of your contacts and urges them to install alternative app markets

Android worm Selfmite.b sends texts all of your contacts and urges them to install alternative app markets
Nobody loves viruses, malware, trojans, or worms, but these malicious pieces of software have spread themselves to our smartphones, exploiting each and every security flaw that exists. Being the most popular mobile platform, Android is unfortunately the most common target for malware and worms, and one of the latest ones has the potential to supercharge your cell phone bill to unfathomable heights.

Named Selfmite.b, this worm is a lot more potent and “severe” successor of Selfmite.a, an Android worm that spread itself via an APK file and sent SMS messages to the first 20 contacts in your phone book. The messages contained shortened URL links to suspicious websites, which urged you to install alternative app stores. Hopefully, security researchers pulled the reins of Selfmite.a in a timely manner, but its successor is a lot worse. Selfmite.b is sends SMS messages with harmful links to all of your contacts, and it does this in a loop. Regardless of the mobile platform the victims are running, be it Android or iOS, Selfmite.b will always link to a potentially-unwanted website.


This huge amount of SMS messages might cost you an arm and a leg if your cell phone plan comes sans unlimited ones. Currently, it uses URL shortening services like Go Daddy's x.co, which makes it pretty hard to cut the leash of the malicious app, as the wrongdoer behind Selfmite.b might dynamically “change it remotely using a configuration file”.

At the moment, Selfmite.b can be found across devices in Canada, China, Costa Rica, Ghana, India, Iraq, Jamaica, Mexico, Morocco, Puerto Rico, Russia, Sudan, Syria, USA, Venezuela, and Vietnam. As a precaution, always make sure that you install APKs from trusted sources.


source: Adaptive Mobile via NetworkWorld

FEATURED VIDEO

24 Comments

1. NexusPhan

Posts: 632; Member since: Jul 11, 2013

Lets try this again. "At the moment, Selfmite.b can be found across devices in ... ... USA, Venezuela, and Vietnam. It has not spread itself to the USA just yet."

6. NexusPhan

Posts: 632; Member since: Jul 11, 2013

Thanks for the quick fix PA.

23. sprockkets

Posts: 1612; Member since: Jan 16, 2012

How about they fix the part where worms install without human interaction - this can't.

2. Ashoaib

Posts: 3243; Member since: Nov 15, 2013

permission manager is very handy in these type of scenarios, it must be built in and preinstalled in android... I blocked all applications to access sms/msm/calls/photos

7. NexusPhan

Posts: 632; Member since: Jul 11, 2013

Or how about you just leave the default settings that doesn't allow unknown sources to install anything?

9. vincelongman

Posts: 5585; Member since: Feb 10, 2013

And just never install random apks E.g. I install apks from xda devs, xposed framework, AndroidPolice and Amazon Never had any issues

14. RebelwithoutaClue

Posts: 5473; Member since: Apr 05, 2013

Most people that install xposed and other xda dev stuff will have a trusted site for these apk files, so no worries there. Most people don't sideload anyways, so they can leave this unknown sources option off.

12. dsmboost

Posts: 46; Member since: Nov 01, 2011

Sometimes you have to find other sources for APK's because some apps are listed as 'not compatible with your device' in the Play Store.

3. sorgo

Posts: 10; Member since: Sep 26, 2011

+1 for FAR Manager :)

4. MegaEvolution

Posts: 33; Member since: Sep 24, 2014

Admit it fandroid, all pics above, especially mobogenie, love to pop up every time when you're surfing phonearena.com :)

5. XperiaFanZone

Posts: 2277; Member since: Sep 21, 2012

Never has that happened to my Android devices, attention whore. Maybe because I'm not a "Fandroid". BTW, you forgot your signature. "128gb storage :) "

8. vincelongman

Posts: 5585; Member since: Feb 10, 2013

That basically never happens to anyone Even on x86 Windows Unless if the user does something wrong, e.g. willing sideloading random .apk files (or installing .exe on Windows) I dont see how its not obvious, most browsers will warn you before you choose to start downloading and you have to change a setting to install the apk as well

11. anirudhshirsat97

Posts: 408; Member since: May 24, 2011

It happens when browsing phone arena on phone. I don't know if that has stopped now as I installed adblock. I don't personally like blocking ads as they are the means of revenue for my favorite websites.

20. bendgate unregistered

Android maybe a little less secured than ios(and according to google android was never build with security vision before kitkat) but that doesn't mean it is a malware. I'm using Android since gingerbread, rooted for 2+ years and never had any security problem. I also never installed security apps. Download apps only from trusted sites and don't download paid ones illegally.

21. JunitoNH

Posts: 1946; Member since: Feb 15, 2012

Listen, that is part of the appeal of having an Android device. Ability to cuztomize, and getting free apps from third party. If you are worried about security, don't use your Android device for banking or/and anything that requieres security.

10. DeusExCellula

Posts: 1390; Member since: Oct 05, 2014

Mobogeni was the most garbage crap

16. blingblingthing

Posts: 759; Member since: Oct 23, 2012

The name alone says junkware.

19. bendgate unregistered

Mobogenie 'is' the most garbage app.

13. shiv179

Posts: 123; Member since: Aug 08, 2012

So it spreads via an APK, the average Joe is already immune because external installations are blocked by default.

15. E34V8

Posts: 109; Member since: Dec 16, 2011

Please Phone Arena, stop with the BS. Or at least point out that in order to get this bad apps, you have to manually go in settings, enable unknown sources, disable verify apps, than manually intentionally install the corrupted apk. Well, if a person is that dum to do that, he deserves it. Stop producing panic in people, or giving apple trolls food.

17. Soloistpro

Posts: 3; Member since: Aug 05, 2014

No articles that I've been able to find about this worm says what to do to remove it if you were dumb enough to install it. Will any virus scanner app work?

18. Settings

Posts: 2942; Member since: Jul 02, 2014

Beauty of WP, no virus and malwares. Coz not all cares for WP. LOL!

22. willytbk

Posts: 252; Member since: Aug 15, 2012

The problem might lies on due to so many people using the platform and not all people understand this stuffs, so they just click it and install. I believe this is the main reason why its spreading all over the world. This is the only reason why i am afraid of android platform so i only allow my moto g to install app from playstore only. My main choice still iOS because its much much safer.

24. tacarat

Posts: 850; Member since: Apr 22, 2013

Sideloading is the equivalent of getting Cydia on a jailbroken iphone, just without necessarily having root/admin. There have been enough legit apps, iOS having a few, that spam contacts with invites to be considered the same as the first variant. Soooooooo... meh. It's up there with Candy crush invites. Annoying.

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at https://www.parsintl.com/phonearena or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit https://www.parsintl.com/ for samples and additional information.