Android Malware Disguised as Security Update Steals SMSs and Intercepts Phone Calls


Mobile malware disguised as Android.security

Security researchers from FireEye have come across six versions of a new Android threat that’s designed to steal SMS messages and intercept phone calls. The malware has been dubbed “Android.HeHe.”

The malicious element is being distributed as a security update for the mobile operating system. Once it infects a device, it connects to its command and control (C&C) server and starts monitoring incoming SMSs.

The C&C sends the malware a list of phone numbers. If the infected device receives an SMS or a call from one of these numbers, the threat steps into play and intercepts the communications.

Text messages from these numbers are captured and sent back to the C&C server. As far as phone calls are concerned, they’re “silenced and rejected.”

Experts say the existence of threats such as Andorid.MisoSMS and Android.HeHe show that cybercriminals are becoming more and more interested in monitoring SMS and phone calls.

A detailed technical analysis of Android.HeHe is available on FireEye’s blog.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s