Over this past weekend concerns have risen regarding a malware that has been found in over twenty Android applications. The infected applications include QQ Doudizhu, Voice SMS, Drag Racing, Trader, Donkey Jump, Jungle Monkey and Gold Miner and many others.
This malware has been named BaseBridge and can easily be embedded in legitimate applications. When the application is installed the malware prompts users to upgrade and after doing so the malware is installed in the device under the name “com.android.battery”. Another prompt the pops up asking the user to restart the application to be able to run it. Once done the malware is activated upon restarting.
Once the malware has been activated three malicious services communicate with a control server and the downloads a list to read information and dials calls and also sends out SMS messages. This in turn incurs fees for the user. The malware also blocks messages from mobile carriers to prevent users from noticing the fees that are being incurred. By doing this all the malicious activities are done without the knowledge of the user. The malware is also known to insert messages into the users inbox at a certain time.
When the screen is unlocked on a device that has been infected the malware causes a false message to appear stating that the 360 Safeguard has been terminated due to an error/exception has happened while in all actuality the 360 Safeguard is running perfectly fine.
According to NetQin, auto dialing usually refers to the act of a malware that has intruded and taken over a device in dialing numbers without first letting the user know. Malware general controls devices and uses them to dial a certain number which then in turn can cause high fees. This is one of the first times that an auto dialing malware that causes these fees has been detected in Android devices.
This is another large outbreak of Android malware sine the DroidDream was discovered and had forced Google to remove more than 50 rogue applications from the Android Market earlier this year. We are learning once again that that these threats cannot be ignored. Thankfully, NetQin has given us some steps that we can use when it comes to these potential malware applications.
- Download applications from trusted sources, reputable application stores and markets, and be sure to check reviews, ratings and developer information before downloading. Scan the downloaded application with authoritative security software to avoid malware in disguise.
- Do not blindly accept requests from software such as upgrade or update as they maybe initiated by viruses or malware.
- Be alert and look out for unusual behavior on the part of mobile phones, such as stealthy SMS messages or extra charges on the phone bill, as this may be a sign of infection.
- Keep security software on the phone up to date and perform a full scan regularly to prevent any potential threats. NetQin Mobile Anti-virus is protecting millions of users across the globe with its “Cloud+Client” scan engine. Download is available at http://www.netqin.com/en/antivirus/download/ and on Android Market.
There are many security applications that can be installed on Android devices. We did our own article on these just recently that you can check out here.
Let us know below in the comments if you have experienced any of these issues.