Freely subscribe to our NEWSLETTER

The new malicious program penetrates smartphones running Android in the guise of a
harmless media player application. Users are prompted to install a file of just over 13
KB with the standard Android extension .APK. Once installed on the phone, the Trojan
uses the system to begin sending SMSs to premium rate numbers without the owner’s
knowledge or consent, resulting in money passing from a user’s account to that of the
cybercriminals.

The Trojan-SMS category is currently the most widespread class of malware for mobile
phones, but Trojan-SMS.AndroidOS.FakePlayer.a is the first to specifically target the
Android platform. It should be noted that there have already been isolated cases of
devices running Android being infected with spyware. The first such program appeared
in 2009.

“The IT market research and analysis organization IDC has noted that those selling
devices running Android are experiencing the highest growth in sales among
smartphone manufacturers. As a result, we can expect to see a corresponding rise in
the amount of malware targeting that platform,” says Denis Maslennikov, Mobile
Research Group Manager at Kaspersky Lab. “Kaspersky Lab is actively developing
technologies and solutions to protect this operating system and plans to release
Kaspersky Mobile Security for Android in early 2011.”
Kaspersky Lab recommends that users pay close attention to the services that an
application requests access to when it is being installed. That includes access to
premium rate services that charge to send SMSs and make calls. When a user agrees
to these functions during the installation of an application, the smartphone may then be
able to make calls and send SMSs without further authorization.

The signature for Trojan-SMS.AndroidOS.FakePlayer.a has already been added to
Kaspersky Lab’s antivirus databases.