The Android operating system might need an antivirus, as a new type of malware was detected byKaspersky, who confirmed the file is named “Trojan-SMS.AndroidOS.FakePlayer.a” and is downloaded as a typical .APK Android app. The company stated this is the first known Android-specific trojan.
The malware works by posing as a media player app. Once the app is installed on the mobile device, the trojan begins to send SMS messages to premium rate numbers without the device owner’s knowledge. Since the trojan’s creators are usually the ones on the other end of those premium numbers, they end up profiting from the scam.
This SMS-based type of malware is currently one of the most common forms of mobile viruses. SMS trojans have been around for years on mobile phones, even predating the smartphones we all know and love. The first mobile SMS virus appeared in 2004, and the first-ever Android malware (isolated incidents of spyware) popped up in 2009.
Kaspersky Lab is currently working on Android-specific antivirus technologies; the company plans to release Kaspersky Mobile Security for Android early next year. Other antivirus apps are available in the Android Market; in the past, such applications were thought unnecessary.
However, as this platform continues to experience meteoric growth, even outselling iPhones in the first half of this year, more criminals will be attracted to the money-making capabilities of Android viruses. We hope that Google and device carriers and manufacturers will think about security and antivirus options when planning on-board apps for future OS updates.
As always, be aware of what you download. Kapersky recommends you pay particular attention to the “permission slip” list of hardware or software an application accesses. These lists are available for every Market and non-Market Android app. If the app needs to make premium-rate SMS or phone calls, you might want to think twice before downloading and installing it.