Android malware spreads via mail tracking SMS spam

Share this article:

Attackers are spreading Android malware to users under the guise of phony mail tracking notifications made to look like DHL Express correspondence, analysts warn.

On Thursday, Carlos Castillo, a mobile malware researcher at McAfee, revealed in a blog post that the brand name of logistics company DHL in Germany had been used to trick victims in the country into installing the malware detected as “Android/SmsHnd.A.”

The threat is delivered via SMS spam designed to look like a DHL tracking notification. In reality, a link in the SMS (shortened through Google's URL service goo.gl) allows attackers to install the malware, the blog post said.

“SmsHnd” leaks sensitive data, such as a victim's phone number, device model, IMEI and IMSI identifiers. The Android malware can also spam text victims' contacts, Castillo said, all while attackers intercept and forward incoming text messages to a remote server in Japan.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Report: Stolen card data is crime that concerns Americans most

A recent Gallup Crime poll indicates that Americans' top two worries revolve around having credit card data stolen or their computer or smartphones compromised.

Pirate Bay co-founder found guilty for hacking IT service provider

Gottfrid Svartholm Warg was found guilty of hacking an IT service provider in Denmark. This is his second court case for illegally accessing data.

Assume Drupal 7 sites are compromised, unless patched or updated to 7.32 ...

Assume every Drupal 7 website is compromised, unless patched or updated to Drupal 7.32 within seven hours of the disclosure of a highly critical SQL injection vulnerability.