
Trojan!SMSZombie Attacks more than 500,000 Mobile Devices in China

China, known to be the home of smartphones, is now facing a dilemma caused by malware that seeks to gain access to users’ SMS payment system.

More than half a million smartphone users in China have been affected by a new virus capable of making unauthorized payments through the Android app market, according to an evaluation from a security company.

The virus, named ‘Trojan!SMSZombie’, was identified on August 8. It is spreading rapidly in apps hosted on GFan, which is known to be one of China’s brilliant app stores, and more than 500,000 users are believed to be currently infected. TrustGo managed to contact GFan, and surprisingly, the apps are still available and active for downloading.

Six weeks ago, TrustGo, an anti-virus specialist, identified a highly developed malware capable of making payments and of gaining access to bank/card information as well as previous payment and bill history. TrustGo said that the virus hides in different wallpaper applications with intriguing pictures and teasing titles. Such an application then asks to install more files presumably associated with it, but in fact it downloads and executes a payload known as the “Android System Service.” This step is hard to cancel: when the user clicks the “cancel” button, the page just reloads instead.

Since the majority of people in China make payments through SMS, access to the messages is expected to enable the malware’s creator to obtain bank and card account information.

Users who have been infected by the Trojan!SMSZombie virus were instructed by TrustGo to visit http://www.trustgo.com/en/smszombie-eliminate, where information for removing the malware is provided.

The company has updated its apps to handle the virus automatically. The added app is expected to be released before the month ends.

CEO of TrustGo Li said, “By waiting to deliver malicious code until after installation, this virus is difficult to detect. Sophisticated malware like this highlights the fact that the openness of the Android platform is a double-edged sword. Users are able to access an amazing breadth and variety of apps, but must take precautions to ensure the apps they want have not been compromised by hackers.”

Malware that infected more than 500,000 devices in just a month is truly threatening. Given that the malware is also difficult to recognize, users must be very careful when downloading applications to their cellphones.