Kaspersky identifies rogue Android Trojan

Kapersky Lab has positively identified what it describes as the first Trojan-SMS designed to compromise Android smartphones.

The malware – dubbed Trojan-SMS.AndroidOS.FakePlayer.a – has already infected a number of Android-powered devices.

“The new malicious program penetrates smartphones running Android in the guise of a harmless media player application. Users are prompted to install a file of just over 13 KB with the standard Android extension .APK,” explained Kaspersky security analyst Denis Maslennikov.

“Once installed on the phone, the Trojan uses the system to begin sending SMSs to premium rate numbers without the owner’s knowledge or consent, resulting in money passing from a user’s account to that of the cybercriminals.”

According to Maslennikov, the Trojan-SMS category is currently the most “widespread class” of malware for mobile phones.

However, Trojan-SMS.AndroidOS.FakePlayer.a is the first to specifically target the Android platform. 

“[Still], it should be noted that there have already been isolated cases of devices running Android being infected with spyware. The first such program appeared in 2009,” he said.

“[But] Android [is] experiencing the highest growth in sales among smartphone manufacturers. As a result, we can expect to see a corresponding rise in the amount of malware targeting that platform.”

As such, Maslennikov recommended users pay close attention to the services that an application requests access to when it is being installed.

“[This] includes access to premium rate services that charge to send SMSs and make calls…When a user agrees to these functions during the installation of an application, the smartphone may then be able to make calls and send SMSs without further authorization.”