New Security App on Android is Malware

By Antone Gonsalves, 19-Jun-2012

Android Security Suite Premium -- loaded with Zeus variant ZitMo -- is a threat to companies given the bring-your-own-device (BYOD) trend.

Google's Android mobile platform is the target of a new variant of a widely used malware capable of stealing personal information.

The latest Zeus malware masquerades as a premium security app to lure people into downloading the Trojan, Kaspersky Lab reported Monday. The fake security app, called the Android Security Suite Premium, first appeared in early June with newer versions released since then.

Such malware presents a threat to consumers, as well as businesses that allow employees to use their personal devices on the corporate network. A Dimensional Research survey of IT professionals found that more than 70 percent said mobile devices contributed to increased security risks and that Android introduced the greatest risk. Issued in January, the report was sponsored by firewall vendor Check Point Software Technologies.

The new Zeus malware steals incoming text messages and sends them to command-and-control servers operated by the attackers. Depending on the apps installed on the Android device, the text could include sensitive data, such as password-reset links.

"It is also important to mention that these malicious apps are able to receive commands for uninstalling themselves, stealing system information and enabling/disabling the malicious applications," Denis Maslennikov, a Kaspersky security researcher said in a blog post. The malware installs a blue shield icon on the smartphone or tablet menu and shows a fake activation code when executed, Kaspersky said. The app uses a series of six command and control servers, one of which was linked to Zeus malware found in 2011.

The new Zeus malware steals incoming text messages and sends them to command-and-control servers operated by the attackers

"The newest variant of ZitMo demonstrates the commitment to effective mobile spyware development and distribution that cybercrime has made," Kurt Baumgartner, senior security researcher at Kaspersky Lab, said by email.

Android application infections increased dramatically in the first quarter of this year, driven by a surge in attacks on personal data, according to the E-Threat Landscape Report released in April by security vendor Bitdefender. Cyber-criminals often hide the malware in apps sold in online stores.

The Dimensional survey found that 65% of the 768 IT pros polled allowed personal devices to connect to corporate networks. Apple's iOS, used in the iPhone and iPad, was the most common platform, with Android coming in third behind Research in Motion's BlackBerry. Android was found in companies represented by one in five of the respondents.

A factor that increases the risk of malware such as Zeus is the lack of employee awareness. More than six in 10 of the IT pros surveyed said employee ignorance had the greatest impact on mobile security.

The types of corporate information most often found on mobile devices were e-mail and contacts. Other information cited by the respondents included customer data, network login credentials and data made available through business applications.

Zeus was first discovered in 2007 as a keystroke logger and form grabber that ran in a browser. The malware is primarily downloaded through phishing schemes or by visiting malicious Web sites. The mobile version of Zeus, called ZitMo, was first discovered a couple of years ago.

In other Android security news, Tokyo police have arrested six men accused of distributing malware through an application downloaded from a porn site, the newspaper Yomiuri Shimbun reported. When launched, the Android app would demand fees and steal the victim's personal information.

The suspects are accused of swindling more than 200 people out of $265,000. Two of the suspects were executives at separate IT companies.

Source: CSO (US)

LATEST NEWS

  • AT&T is Sharpening its IOT Focus in India

    Asia Pacific is one of AT&T’s largest and fastest growing regions and India is one of its major markets in the region, says Sandy Verma, Senior Director, IoT Solutions, AT&T APAC.

  • Vodafone Adds Bank Cards to Mobile Payment Service

    Hoping to make a mark in the increasingly competitive mobile payment sector, Vodafone will soon let users of its Wallet service pay for goods via contactless terminals with a Visa bank card stored on their Android smartphones.

  • Intelligent Process Automation is making Businesses Smarter: Cognizant

    Software robots, which come under the tag of intelligent process automation, has had a dramatic impact on businesses thanks to some of the attributes they possess, according to IT consulting company, Cognizant.

  • Bit by bit, Intel Looks to Quadruple SSD Storage

    With all the photos, videos, apps and tunes you have, the storage on your smartphone may not be enough. With that in mind, Intel is researching new ways to up the storage capacity in mobile devices and PCs without hurting the size or price of devices.

More news »