Don DeBolt, director of threat research, CA Technologies, ISBU
July 01, 2011
Threat of the month

Threat of the month: AndroidOS/Smspacem

What is it?
Mobile malware which leverages trojan, bot and “logic bomb” tricks.  

How does it work?
Infection requires the installation of a trojaned app called “Holy ****ing Bible.” Following installation and a reboot, a rogue service is started that queries a remote location for command-and-control instructions while attempting to communicate the device's phone number to another host-based service. An SMS listener, is controlled via the logic bomb and only starts when the system time reaches May 21, 2011. A doomsday message is then spammed via SMS to all contacts. On May 22, a new message is sent out, and the wallpaper gets changed.

Should I be worried?
It illustrates that tricks employed against the PC platform will be repackaged against the Android.   

How can I prevent it?
Installing only Android Market apps is a start, but we recognize the openness of the Android platform is tempting, so a mobile security app is recommended. 
From the July 2011 Issue of SCMagazine »
Related Articles
Related Topics

Sign up to our newsletters

More in Features

Suspect everything: Advanced threats in the network

Suspect everything: Advanced threats in the network

Are there ways to catch sophisticated malware that hides in trusted processes and services? Deb Radcliff finds out.

Urgent care: Safeguarding data at health care providers

Urgent care: Safeguarding data at health care providers

Health providers have pressing reasons to now embrace security, says INTEGRIS Health's John Delano. Karen Epper Hoffman reports.

Deciphering cloud strategy

Deciphering cloud strategy

There are steps security pros can take to achieve greater peace of mind with cloud implementations, reports Alan Earls.