500,000 Android Devices Infected in Six Hours by SMS Worm in China


Userlevel 7
Badge +48
This one sounds pretty bad and at that speed of propagation it could be bad news for users in other countries who are not using any protection.
 
August 6th, 2014, 21:22 GMT · By Ionut Ilascu
 
"The Chinese Valentine’s Day was on August 2 this year and it was the perfect opportunity for cybercriminals to conduct nefarious activities, as they delivered an SMS worm for Android that spread faster than love, affecting a total of 500,000 devices in about six hours.
Security researchers analyzing a sample observed that the malware contained two modules, one for distributing the threat (XXshenqi.apk) and another for performing the malicious activity (Trogoogle.apk)."
 
http://i1-news.softpedia-static.com/images/news-700/500-000-Android-Devices-Infected-in-Six-Hours-by-SMS-Worm-in-China.jpg - Potential victim is prompted to install Trogoogle.apk

 
Full Article

7 replies

Userlevel 7
Thanks Jasper! It's a good thing I've got WSAC on my Android! 🙂
Userlevel 7
Badge +48

@Ssherjj wrote:
Thanks Jasper! It's a good thing I've got WSAC on my Android! :)

NOW if everyone used it, nobody would have problems.
Userlevel 7

@Jasper_The_Rasper wrote:

@Ssherjj wrote:
Thanks Jasper! It's a good thing I've got WSAC on my Android! :)

NOW if everyone used it, nobody would have problems.

True @Jasper_The_Rasper  but we'd still be one big happy family up here, no? 😉
Userlevel 6
glad I dont have an android!
 
Good article! Thanks for keep us posted on these things.
Userlevel 7
Badge +48
by Pierluigi Paganini on August 9th, 2014
 

One million Android devices in China were infected with an Xshqi SMS worm on August 2, the day the country celebrated Valentine’s Day.

Experts at Kaspersky Lab revealed that a  malware, dubbed Trojan.AndroidOS.Xshqi.a, infected neatly 500,000 Android devices in just six hours last week in China, but Chinese media provided a more pessimistic estimate declaring that the number of infected mobile is over 1 million smartphones.
The attackers operated in conjunction of the day the country celebrated Valentine’s Day as explained by Kaspersky team.

“The fact that this Trojan combination appeared on the Chinese Valentine’s Day is premeditated, taking advantage of user credulity on this special day. And it uses social engineering techniques to spread as much as possible and infect more devices. This Trojan is a good example of why it’s always worth thinking twice about trusting a link received on your mobile phone. No matter who sends it, it could still be a malicious program.,” reported researcher Vigi Zhang in a blog post.
 
Full Article

Userlevel 7
The following article is a update

(Selfmite on STEROIDS: Pumped-up SMS worm is BACK..)

By John Leyden, 10 Oct 2014
 
The SMS worm Selfmite is back: bigger, badder and now global.
The worm, which first surfaced in June and affects Android smartphones and tablets, has spawned a new version.
 
Selfmite-B infects many more users, uses several money-making techniques and is generally more dangerous and difficult to stop, warns mobile security firm AdaptiveMobile.
 
AdaptiveMobile has tracked more than 150,000 messages sent over the past 10 days from over 100 compromised devices found in 16 countries. The latest version of the worm has generated 100 times more traffic than its older sibling, Selfmite-A.
 
The Register/ Article/ http://www.theregister.co.uk/2014/10/10/selfmite_sms_worm_goes_global/
 
Userlevel 7
Badge +48
See Also Selfmite.b SMS Worm Is More Aggressive, Sends 150,000 Messages in 10 Days

Reply

    Cookie policy

    We use cookies to enhance and personalize your experience. If you accept or continue browsing you agree to our cookie policy. Learn more about our cookies.

    Accept cookies Cookie settings