Targeted malware attack on Android devices steals contacts, text messages
We hear about malware on Android devices on a regular basis. Late last year, PhoneArena.com went in-depth covering the perceived myths and realities of the threat of malware on Android devices.

This time, however, Kaspersky Lab believes it has uncovered the first known targeted malware attack on the Android platform. In this case, the targeted victims were Tibetan activists, but now we can see how such an attack might play out again.

Like many virus and malware attacks, this one started with an email that used social engineering and verbal manipulation. The hackers were able to access a high-profile Tibetan activist’s email and use that to send out the infected message to everyone in the contact list. Rather than being a poorly worded email promising riches from an abandoned bank account in North Africa, the message was carefully worded and designed to evoke action by the reader, in this case, a reference to an attached file with an ".apk" extension.

An APK is an Android package file, and once the user opened it, an application called “Conference” would install itself on the device. The user would open the app and see a less carefully worded message, which served as a distraction while the malware scoured the contacts on the device and SIM card and copied call logs, SMS messages, geo-location, and other data about the device.

As the targets were Tibetan activists, it does not take a giant leap to think that the hackers involved were from China. Kaspersky believes attacks like this will evolve and adapt to take advantage of future vulnerabilities.

In the meantime, the same no-nonsense rules apply to email and attachments. If you do not recognize the file extension or the message is unexpected, use a bit of scrutiny before blindly clicking on a link or attachment.

source: Forbes



23 Comments

1. haseebzahid

Posts: 1853; Member since: Feb 22, 2012

hahaa typical malwares

2. anywherehome

Posts: 971; Member since: Dec 13, 2011

you call malware a typical app installed by user after approval of contacts or sms access? Then every app must be malware according to this logic :) I think this is more dangerous: "40% of iOS popular apps invade your privacy without any permission" "Apple iOS Apps Leak More Personal Info Than Android" "Apple lets kids easily spend parents' money, beware = easy to abuse your iDevices; very probably intention of Apple to spend your money by mistake" we, Androids, know what we install, with iConboard you simply don't know anything :) so logic says me that we don't need any anti-malware when we approve any app...if you don't want malware, don't install it, it's called freedom :)

10. terabyteRouser

Posts: 457; Member since: Oct 18, 2011

unfortunately, you are a little naive

16. anywherehome

Posts: 971; Member since: Dec 13, 2011

Everything I wrote is a fact, deal with that ;-)

18. xtremesv

Posts: 299; Member since: Oct 21, 2011

I support you. The naive people are the ones that trust everything they see posted on the internet. People should be more cautious and inform themselves. However this attack was not a simple 12-year-old wanting to steal a credit card number but a well-orchestrated plan with a specific agenda.

20. anywherehome

Posts: 971; Member since: Dec 13, 2011

So I'm naive because I've just been given refund for app I didn't like and didn't accept a new permission they required because of its new update? Now you can see that you are 12 years old boy ;-) This is called freedom and responsibility..... With iOS you have no freedom and you are a limited kid for Apple..... what's worse you are not safer with stealing iOS apps ;-)

22. xtremesv

Posts: 299; Member since: Oct 21, 2011

Hahaha, the one I was supporting was your statement dude, please read and understand first before reacting to a comment.

23. anywherehome

Posts: 971; Member since: Dec 13, 2011

OK sorry, isn't clear if you mean me as naive to trust to my sources :-)

14. haseebzahid

Posts: 1853; Member since: Feb 22, 2012

doesn't change the condition of Android either if u pointing apples one both sucks at malware thingie but both sucks at this and reason is they are used by masses so its good hunting ground for hackers

21. anywherehome

Posts: 971; Member since: Dec 13, 2011

With android is almost perfect, when you don't accept permission an app requires don't install unlike limited iConboard :-) It's called freedom and in freedom you have to behave responsibly unlike kids with iConboards :-)

3. RaKithAPeiRiZ

Posts: 1488; Member since: Dec 29, 2011

i had no idea that Tibetan monks use androids

4. jose.vu

Posts: 16; Member since: Mar 28, 2013

"the targeted victims are Tibetan activists" ---> then it's easy to see this is an act of the f**king communist party from China ... they will sure later deny and say ppl made this up to make China look bad ...

5. boosook

Posts: 1442; Member since: Nov 19, 2012

Android does not allow the installation of apps not downloaded from the market unless you specifically enable it, and if you enable it Android would ask for a confirmation with a dialog box anyway. Besides, if you allowed downloaded apps installation, you would surely know that you don't have to install an apk you received in an email from an unknown source. And anyway you would be notified of the permissions required by the app. So I don't see a real security threat here, whether you're a beginner or an advanced user. Anyway, it's a measure of Android's popularity, though it is a poor attempt. :)

6. Nkolsen

Posts: 60; Member since: Mar 28, 2013

Sorry, but if they take this bait, it's their own fault. NEVER AND I MEAN NEVER install 3rd party apk's....

8. TheMan

Posts: 494; Member since: Sep 21, 2012

7. rusticguy

Posts: 2828; Member since: Aug 11, 2012

Only a fool would act on such spam mails and a still bigger fool would open the attachment in a mail from unknown source.

9. Aeires unregistered

Who in their right mind installs apk files from junk mail? If you get this malware it's completely your fault for doing stupid things.

11. xperiaDROID

Posts: 5629; Member since: Mar 08, 2013

Malware.....malware.....blah blahblah. The person who invented the malware should go to jail.

15. rusticguy

Posts: 2828; Member since: Aug 11, 2012

M$ started it as an internal project long long back.... others then picked it up.

17. xperiaDROID

Posts: 5629; Member since: Mar 08, 2013

Are you sure about that? I don't want to blame Microsoft again.

12. gmracer1

Posts: 646; Member since: Dec 28, 2012

aaaaaahahahaha nice try on this one! BAAAAHAHAHAAAAAAA

13. networkdood

Posts: 6330; Member since: Mar 31, 2010

Again, you had to allow this to happen on your phone...stupid is as stupid does....right Forest?

19. zekes

Posts: 230; Member since: Aug 14, 2012

its not about apple lmao
