Had an odd text on your Android device? Time to watch out for SMS worms ...

Google’s Android now dominates 80% of the smart phone market. Of the major phone operating systems, Android is the most vulnerable to security breaches and yet perceptions haven’t caught up with reality. People simply aren’t as worried, or as careful, as they ought to be.

If you’re using an Android and aren’t too concerned, maybe a recent announcement by a leading anti-malware company will make you stop and think. When were you last suspicious of a text from a friend?

Well, now is the time to start checking your messages with more scepticism as a virus known as “Andr/SlfMite-A” has been spreading throughout the Android world, transmitted by text messages, also known as SMS.

If you are fooled into clicking on a link embedded within the SMS, and if your phone is unprotected, the virus will in turn be installed on your own phone. The virus will then attempt to send text messages to your first 20 contacts. The message may look something like this:




Sophos

By making your contacts think this message is from you and is therefore a genuine (and seemingly honest) text message which they must act upon. It tricks them into clicking the link, unleashing malware onto their phone. And so on.

If this all sounds familiar, it is because self-replicating “worms” like these were a feature of early mass-market online viruses. A decade ago, famed worms such as ILOVEYOU or Mydoom spread through email, shutting down computer systems throughout the world and causing millions of pounds in damage.

Today’s SMS spam is spread in the same way, but things move even faster now. As soon as anyone clicks on the link, they become part of the worm’s progress. You may only be one victim with 20 contacts, but these things soon add up. If all 20 contacts fell for the link once every hour, the worm could have swamped the entire planet and all its Android devices within a day.

Fortunately not everyone falls for this, nor do all the text messages get through. In the end, Andr/SlfMite-A is likely to fizzle out. However, whether it is successful in infecting your friends, the virus also downloads a small malware application which appears to direct users towards Mobogenie, an independent Android app store.

It is important to note that Mobogenie has been hit in the past by other malware issues. There’s a reason the anti-malware community don’t consider it an effective resource for protecting your smart phone.

Should I panic?

If you already have an anti-malware application installed on your android smart phone, just check to see that its malware definitions are up to date. Then rest easy and make yourself a nice refreshing drink.


But if you do not have any protection I would be very concerned and strongly advise that you consider installing an antivirus app.

If you do get a mysterious text message from one of your contacts my best advice is to phone them and ask if they intended to send a message. If it looks as if they may be infected, point them to this article and advise them to ensure that their phone is protected.

Android is a victim of its success

Any computer and any operating system is potentially vulnerable to malicious code. So long as unsuspecting souls can be persuaded to download applications for their own personal benefit, cybercriminals will be able to exploit systems and create all kinds of mayhem.

Sadly, research has shown that over half of us could be persuaded to download malware for the right price. In some cases, manufacturers have managed to stem the supply: Apple and Microsoft, for instance, retain tight control over their smart phone app stores, ensuring a high degree of safety.
But the reality is that cybercriminals tend to target popular systems, and Android is increasingly dominant. There are many naive people out there, and more than one way to install dodgy apps.
It is important that everyone using any technology becomes more aware of the different types of attacks out there as you cannot entirely rely on experts to protect your smart phone from every attack.

We don’t all use our phones in the same way so nor are we all exposed to the same degree of risk. The way you respond to texts, emails or browser messages, the sites you visit and the applications you may download all have an effect on the security of your smart phone.

Becoming cautious should be a way of life. There is nothing wrong with checking to see if an unusual text message from a friend is suspicious; who knows, maybe they’ll even appreciate hearing your voice.


The Conversation
Andrew Smith does not work for, consult to, own shares in or receive funding from any company or organisation that would benefit from this article, and has no relevant affiliations.

 This article was originally published on The Conversation. Read the original article.

Comments

Post a Comment

Popular posts from this blog

So, what do you think about simulation ...

Ok, this is not a scientific study, the audience participation is likely to be from a self selecting group etc. So lets call this a poll amongst friends, followers and like minded. A question that is structural to my research is ... Do you think simulation can replace real hardware, when teaching networking? To remain fair, I am not going to share my opinion as it is biased and please don't try and answer this to please me (as I really don't know who will be answering and if you know me, you will know that it won't). Please take a look at the top left of this blog and based on your personal opinion, answer either yes or no. You do not have to be an expert, or an academic or even a teccie, everyone's opinion in this context counts. The opinions below are valid view points, but must not contribute to your own independent decision, please complete the question before reading these. =================================...
Read more

If airlines offer in-flight Wi-Fi, they should invest in an extra black box for security ...

Image
Yijun Yu , The Open University and Andrew Smith , The Open University In-flight Wi-Fi is one of the most sought-after facilities for air travellers these days, now that laptops and smartphones are so common and so much of our working and personal life revolves around online services. But a US Government Accountability Office report has suggested that many in-flight wireless networks could expose the plane to being hacked or remotely controlled . In fact it’s of such a concern to US authorities that when a well-known computer security expert made an admittedly ill-thought-out joke about doing so on Twitter, he was promptly arrested, his computers confiscated, and subsequently banned from the airline . And all he was suggesting was to make the oxygen masks drop down. So it would appear that the stuff of Hollywood may jump from fiction to fact: Liam Neeson and Julianne Moore starred in the 2014 film Non-Stop , where a passenger hacking the aircraft’s internal wirel...
Read more

Losing our presence - how the latest @OpenUniversity #location "consultation" is utter madness ...

After reading a considered write up from colleague Ray Corrigan  and support from Cory Doctorow  I feel that here is one decision from our senior management, that for the first time in seven years made me wonder about the state of mind within the Open University (OU). One of the primary reasons I joined the OU is that it was a organisation I could get behind - irrespective of its many eccentricities. It's mission to enable whomever that tried; to reach for higher education - this was something I could easily get behind. We do need to look at how we use the different offices - but to cull them in such a manner and looking at the outcomes of the location analysis. Strikes me that whomever was given the job - did little to review each location and approached this from a purely numerical perspective. Having worked hard to develop a community of Cisco Academies, Vendor interests and interventions in the Computing and Network Engineering teaching communities. I have used thes...
Read more