Malware authors are using the popularity of the
Angry Birds series of games as a way to infect the smartphones of users
who download the exploit from unofficial Android app stores, according
to a security software firm.
In an April 12 post on SophosLabs’ NakedSecurity blog,
Graham Cluley said the Trojan horse masquerades itself as the Angry
Birds Space game. When downloaded, the malware installs its malicious
code onto the device.
“The Trojan horse, which Sophos detects as
Andr/KongFu-L, appears to be a fully functional version of the popular
smartphone game, but uses the GingerBreak exploit to gain root access to
the device, and install malicious code,” Cluley wrote. “The Trojan
communicates with a remote Website in an attempt to download and install
further malware onto the compromised Android smartphone.”
Andr/KongFu-L is a known Android Trojan.
Once the malware is installed and the Android
device compromised, cyber-criminals can then send instructions that will
lead to more malicious code being downloaded or URLs to be displayed in
the smartphone’s browser, he wrote.
“Effectively, your Android phone is now part of a botnet, under the control of malicious hackers,” Cluley wrote.
The Trojan that pretends to be the Angry Birds
Space game from Rovio can be downloaded from third-party unofficial
Android app stores, though SophosLabs did not name any of those stores.
Cluley said the version of Angry Birds Space in the Google Play,
Google’s official apps store—formerly called Android Market—is not
affected by the malware.
Rovio also posted a warning on
its Website about malware-infested versions of the game: “As you get
ready to pop pigs in zero gravity, watch out for fake versions of Angry
Birds Space, and make sure to download safe by getting the official game
from Rovio.”
As smartphones increase in popularity with both
enterprise users and consumers, they’re also becoming a growing target
of cyber-criminals. According to a report released in February by Juniper Networks,
malware specifically targeted at mobile operating systems more than
doubled in 2011, growing by 155 percent across all platforms—including
Apple’s iOS, Google’s Android, Research In Motion’s BlackBerry and
Nokia’s Symbian.
Android saw the biggest leap in malware incidents,
according to the Juniper report. Malware targeting Android grew 3,325
percent in the last seven months of 2011, and Android malware accounted
for 46.7 percent of unique malware samples that targeted mobile
platforms, followed by 41 percent for Java Mobile Edition.
According to Juniper, Android’s diverse and open
marketplace—where developers can post their apps—and the platform’s
growing market share made it an attractive target for cyber-criminals.
It has almost half of the mobile operating system market, according to
analysts.
"Hackers are incented to target Android, because
there are simply more Android devices as compared to the competition,"
Daniel Hoffman, chief mobile security evangelist at Juniper, said when
his company’s report was released.
Hoffman said Google's "Bouncer" service, which
scans apps in the official Android market place and removes offenders,
is making it more difficult for scammers to upload malicious apps.
Bouncer, which began operating in the second half of the year, will
"certainly help" reduce infection rates from downloads on the official
market of known threats, he said.
Sophos’ Cluley said users of Android-based mobile devices need to take care when they decide to download an app.
“It feels like we have to keep reminding Android
users to be on their guard against malware risks, and to be very
careful—especially when downloading applications from unofficial Android
markets,” he said.
0 comments:
Post a Comment