{"id":11983,"date":"2013-12-18T12:48:08","date_gmt":"2013-12-18T18:48:08","guid":{"rendered":"http:\/\/bucktownbell.com\/?p=11983"},"modified":"2013-12-18T12:48:08","modified_gmt":"2013-12-18T18:48:08","slug":"misosms-new-android-malware-disguises-itself-as-a-settings-app-steals-sms-messages","status":"publish","type":"post","link":"http:\/\/bucktownbell.com\/?p=11983","title":{"rendered":"MisoSMS: New Android Malware Disguises Itself as a Settings App, Steals SMS Messages"},"content":{"rendered":"<blockquote><p>MisoSMS infects Android systems by deploying a class of malicious Android apps. The mobile malware masquerades as an Android settings app used for administrative tasks. When executed, it secretly steals the user\u2019s personal SMS messages and emails them to a command-and-control (CnC) infrastructure hosted in China. FireEye Mobile Threat Prevention platform detects this class of malware as \u201cAndroid.Spyware.MisoSMS.\u201d<\/p><\/blockquote>\n<p>via <a href=\"http:\/\/www.fireeye.com\/blog\/technical\/botnet-activities-research\/2013\/12\/misosms.html\">MisoSMS: New Android Malware Disguises Itself as a Settings App, Steals SMS Messages | FireEye Blog<\/a>.<\/p>\n<blockquote><p>Once the app is installed, it presents itself as \u201cGoogle Vx.\u201d It asks for administrative permissions on the device, which enables the malware to hide itself from the user, as shown in Figure 2.<\/p><\/blockquote>\n<p>Right there is a clue that something is not right.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>MisoSMS infects Android systems by deploying a class of malicious Android apps. The mobile malware masquerades as an Android settings app used for administrative tasks. When executed, it secretly steals the user\u2019s personal SMS messages and emails them to a &hellip; <a href=\"http:\/\/bucktownbell.com\/?p=11983\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[285],"tags":[48,677,101,309],"class_list":["post-11983","post","type-post","status-publish","format-standard","hentry","category-cpe","tag-android","tag-bots","tag-security","tag-sms"],"_links":{"self":[{"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/posts\/11983","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=11983"}],"version-history":[{"count":1,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/posts\/11983\/revisions"}],"predecessor-version":[{"id":11984,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/posts\/11983\/revisions\/11984"}],"wp:attachment":[{"href":"http:\/\/bucktownbell.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=11983"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=11983"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=11983"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}