WebProNews

Android Malware Being Spread By Text Messages

Android is pretty great, but we all have to admit – the operating system is pretty vulnerable to malware. One of the latest and particularly nasty attempts at infecting users was through a seemingly legitimate copy of Angry Birds Space. This latest attack is even more legitimate.

The security experts over at NQ Mobile have noticed a new Android malware making waves across phones called UpdtBot. It’s particularly nasty because it can disguise itself as a system firmware upgrade spread via text message. Once infected, a phone will begin to send text messages, make phone calls and downloand and install apps.

NQ Mobile breaks down how this particular malware spreads so you can better protect yourself. As stated, it starts by sending users a text message telling your your phone is at risk unless you install the latest firmware update. I can just smell the irony.

Android Malware Being Spread By Text Messaging

The malware then triggers several actions that sets up UpdtBot to communicate with a remote C&C server. This sets up your phone to start performing the malicious activities detailed above. In essence, it makes your phone part of the botnet collective. In that way, it’s similar to the recent fake Angry Birds Space malware.

NQ Mobile believes you should be concerned with this new form of malware due to its deceptive nature as a firmware update. They have found that over 16,000 Android users have now been infected by this malware. Unfortunately, it’s not immediately apparent what hackers will be using your phones for. Best guess is that they will be using like other malware, to make money off of your phone.

Like with the fake Angry Birds Space app, there are easy and simple ways to protect yourself from these kind of attacks. Only download firmware updates and apps from trusted sources. Google or your phone manufacturer won’t send you critical software updates via text messaging. You should also make sure you’re comfortable with the permissions you give apps. For instance, be highly suspect of apps that ask to access your personal data or your contact list.

[h/t: ExtraTorrent]