{"id":3347,"date":"2012-07-09T18:14:20","date_gmt":"2012-07-09T17:14:20","guid":{"rendered":"https:\/\/www.darknet.org.uk\/?p=3347"},"modified":"2015-09-09T19:36:57","modified_gmt":"2015-09-09T11:36:57","slug":"android-malware-app-covertly-makes-purchases-on-china-mobile-market","status":"publish","type":"post","link":"https:\/\/www.darknet.org.uk\/2012\/07\/android-malware-app-covertly-makes-purchases-on-china-mobile-market\/","title":{"rendered":"Android Malware App Covertly Makes Purchases On China Mobile Market"},"content":{"rendered":"

There seems to be a trend towards malware<\/a> on the Android<\/a> platform that extorts money from the user somehow, either through premium SMS or services – or the latest trojan – which covertly purchases apps from the mobile market.<\/p>\n

We first wrote about Android Antivirus software<\/a> from Symantec back in 2010 and it seems like recently, it’s becoming more necessary. <\/p>\n

DroidDream malware<\/a> starting proliferating the app store last year in 2011, and there was the article about China Facing Problems With Android Handsets & Pre-installed Trojans<\/a>.<\/p>\n

Security researchers are warning of yet another Android malware outbreak which has spread to nine app stores and infected 100,000 with code designed to covertly purchase apps and content from China Mobile\u2019s Mobile Market.<\/p>\n

Mobile security firm TrustGo explained that the MMarketPay.A Trojan could be hidden in a number of legitimate-looking applications, including those from Sina and media streaming company Funinhand, as well as travel and weather apps.<\/p>\n

The malware has already been placed in nine different third party Android app markets in China, infecting over 100,000, the firm said. Once downloaded, the Trojan will automatically place orders for paid content and apps at China Mobile\u2019s official Mobile Market online store without informing the user. It is able to intercept China Mobile\u2019s verification SMS and post the code to the Mobile Market web site in order to complete the purchase, said TrustGo.<\/p>\n

In the event of CAPTCHA being triggered at this stage, the malware will apparently send the relevant image to a remote server for analysis.<\/p><\/blockquote>\n

It seems to be happening most of all in China<\/a>, this isn’t the first time and I guess it won’t be the last. I attribute it to the fact it’s a fairly new smartphone market and the sheer number of people there makes it very attractive to develop this kind of money making malware.<\/p>\n

Just get it out there to a few million people (an extremely small percentage of the population in China) and you’re rich. China is being flooded with cheap Android handsets and tablets, so I’d expect to see more of these threats coming from there in the coming months.<\/p>\n