Russian virus researchers at Dr. Web are releasing new research around the latest volley from cyber-criminals, this one being dubbed "Android.Spy.40.origin". The Trojan is currently only prevalent in the southeast Asian geographic area, specifically in South Korea, where it's spread by means of unwanted SMS messages containing a link to an APK file.
Once the program is executed, Dr. Web explains that "the Trojan connects to a remote server from which it receives further instructions". These instructions include intercepting inbound messages and uploading them to the server (while also hiding them from the user), blocking outbound calls, sending a list of your contacts and apps to the server, removing and installing apps and sending text messages.
.
.
.
.
For now, the Trojan has not left the Asian region, but that is always subject to change, and the technology to escape detection can be exploited in other nefarious software in the future.
Full Story
One to watch out for.
Best answer by CameronP
View original