Kaspersky Labs of Russia has announced that they have found a backdoor in the Google Cloud Messaging (GCM) service which is now being exploited. Hackers are using this to steal the data of Android users and sending out paid messages on their behalf. The security company has already notified Google regarding this concern which can allow hackers to register malware and Trojan in the network.
According to Kaspersky hackers are able to get the accounts of GCM developers. They will then use this account to register Trojan or malware applications. If an Android user installs an application containing malware then their data could possibly be compromised.
The only way to stop this is by blocking the accounts of GCM developers which can only be done by Google.
Over the past few years cybercriminals have become active in targeting Android devices with malicious applications. These applications may be disguised as a game or a popular app but then is loaded with malware.
An example of a malicious software spreading in Android devices is the Trojan-SMS.AndroidOS.OpFake.a which is already present in 97 countries and is found in over 1 million installation packages. What it does is it allows hackers access to an infected device’s contacts and messages. It also allows the sending of messages to the contact list which contains a link to the malware. Finally, it is able to send out premium messages to specific numbers with the device owner paying the bill.
This type of malicious software is registered with the GCM service according to Kaspersky Lab expert Roman Unuchek. In most cases Google Play Store warns users of the danger in downloading an application however a lot of people simply ignore the warning.
Data from Kaspersky labs shows that there are at least 12,000 types of mobile threats appearing monthly. Last year 99% of mobile threats have targeted the Android platform.