Security Architecture, Endpoint/Device Security, Endpoint/Device Security, Security Strategy, Plan, Budget, Incident Response, TDR, Threat Management, Malware, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security

Android malware intercepts SMS, furthers fraud scheme

Researchers have detected that quickly spreading Android malware has furthered a fraud campaign in Taiwan.

In a Friday blog post, Trend Micro warned of the threat, “ANDROIDOS_RUSMS.A,” which is delivered via malicious SMS.

Attackers use social engineering (in the form of “urgent” text messages) to get users to click malicious links leading to the malware. After victims install the malicious app, attackers can send SMS from victims' phones and intercept incoming texts, the blog post said.

From there, attackers go on to profit via micropayment fraud – which is similar to premium SMS services, except that an SMS confirmation code is required to complete a transaction, Trend Micro said. Fraudsters circumvent authentication as they are able to intercept victims' text messages.

In Q1 2014, malicious links leading victims to the Android malware were visited nearly 32,000 times, Trend Micro found.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.