MisoSMS: New Android Malware Disguises Itself as a Settings App, Steals SMS Messages

MisoSMS infects Android systems by deploying a class of malicious Android apps. The mobile malware masquerades as an Android settings app used for administrative tasks. When executed, it secretly steals the user’s personal SMS messages and emails them to a command-and-control (CnC) infrastructure hosted in China. FireEye Mobile Threat Prevention platform detects this class of malware as “Android.Spyware.MisoSMS.”

via MisoSMS: New Android Malware Disguises Itself as a Settings App, Steals SMS Messages | FireEye Blog.

Once the app is installed, it presents itself as “Google Vx.” It asks for administrative permissions on the device, which enables the malware to hide itself from the user, as shown in Figure 2.

Right there is a clue that something is not right.

Happy bday! SMS txt msgs turn 20

The approval was finally given and the systems interconnected, then Papworth, sitting in front of a personal computer, tapped out the greeting “Merry Christmas” and sent it via SMS to Vodafone Director Richard Jarvis.

The text-messaging era was born.

via Happy bday! SMS txt msgs turn 20 – Computerworld.

Perhaps it’s no surprise then that in late 1995, three years after Papworth’s first text message, users were only sending an average of one text every two and a half months.

WhatsApp threatens legal action against API developers

However, the popular texting alternative WhatsApp still has a major security problem. Attackers can compromise other users’ accounts with relative ease, and send and receive messages from another user’s account. In this respect nothing has changed – heise Security was able to successfully repeat its test this morning (Tuesday).

via WhatsApp threatens legal action against API developers – The H Security: News and Features.

WhatsApp Inc. has, however, been in touch with the developers behind the GitHub project WhatsAPI, an open source implementation of the WhatsApp protocol written in PHP and Python. The company has threatened to take legal action against the developers if they do not take the project offline. heise Security has been told by one of the developers that they have decided to acquiesce to this request and to cease working on the API.

Resilient ‘SMSZombie’ Infects 500,000 Android Users in China

If an Android user downloads the app and sets it as the device’s wallpaper, the app then prompts the user to install additional files. “If the user agrees, the virus payload is delivered within a file called ‘Android System Service,’” TrustGo explained.

via Resilient ‘SMSZombie’ Infects 500,000 Android Users in China | SecurityWeek.Com.

The article states that this only affects users of China Mobile. I find it interesting that to get infected not only do you have to install the bad app, you also have to agree to install these additional files. Wouldn’t the second prompt raise some suspicion?