SMS stealing virus targeting Android users in India
A potentially damaging virus which basically steals SMS and personal details of an Android-enabled device user ( Smartphones and Tablets ) has been detected in Indian cyberspace and internet security experts have asked mobile phone and tablet users to exercise caution while operating so that users don’t get irked while using their Android devices.
The malware is affecting all the versions of Android prior to version 4.2.2 (Jelly Bean) so utter care and precaution has to be taken for the same. There were reports earlier about the DIMTS in Delhi and were reported by the same source.
Computer Emergency Response Team India (CeRT-In) said and advised ;
It has been observed that a critical vulnerability exists in Android which could allow attackers to inject malicious code into legitimate applications which makes it possible to change an application’s code without destructing or affecting the crypto-graphic signature of the application, essentially giving a malicious author to trick the Android device into believing that the designed application is unchanged. Moving forward , an attacker could exploit this vulnerability by placing other files with same name into an application package along with the legitimate files. The Android package verification occurs against the first file during installation. Hence, the crafted .APK passes the verification process and installs the second file. However, during run-time the other malicious file gets executed and follows with the procedure.
We advise you to check for the permissions required by an application before installing, exercise caution while visiting un-trusted sites for clicking links and in the process run a full system scan through a device with a mobile security solution or mobile anti-virus solution. Do not download and install applications from un-trusted sources and download applications only from trusted sources, reputed application markets and Google Play Store. There are more ways by which you can protected your device and if you would like to know more , please feel free to drop us a line below.