Don DeBolt, director of threat research, CA Technologies, ISBU
July 01, 2011
Threat of the month

Threat of the month: AndroidOS/Smspacem

What is it?
Mobile malware which leverages trojan, bot and “logic bomb” tricks.  

How does it work?
Infection requires the installation of a trojaned app called “Holy ****ing Bible.” Following installation and a reboot, a rogue service is started that queries a remote location for command-and-control instructions while attempting to communicate the device's phone number to another host-based service. An SMS listener, is controlled via the logic bomb and only starts when the system time reaches May 21, 2011. A doomsday message is then spammed via SMS to all contacts. On May 22, a new message is sent out, and the wallpaper gets changed.

Should I be worried?
It illustrates that tricks employed against the PC platform will be repackaged against the Android.   

How can I prevent it?
Installing only Android Market apps is a start, but we recognize the openness of the Android platform is tempting, so a mobile security app is recommended. 
From the July 2011 Issue of SCMagazine »
Related Articles
Related Topics

More in Features

Behind the scenes: Privacy and data-mining

Behind the scenes: Privacy and data-mining

With data-mining firms harvesting personal information from online activity, privacy advocates, if not yet consumers, are alarmed, reports James Hale.

The great divide: Reforming the CFAA

The great divide: Reforming the CFAA

Aaron Swartz's death inspired Rep. Zoe Lofgren to want to reform the federal anti-hacking law, but some security pros worry this would sterilize a potent enforcement weapon, reports Dan Kaplan.

Suspect everything: Advanced threats in the network

Suspect everything: Advanced threats in the network

Are there ways to catch sophisticated malware that hides in trusted processes and services? Deb Radcliff finds out.