Security software manufacturer Kaspersky has recently found a new mobile Trojan camouflaged inside a harmless-looking game. With a simple interface, it looks and behaves like a regular Tic Tac Toe game, but upon digging further, the researchers have found a malicious program in its heart.
Codenamed Spy.AndroidOS.Gomal.a, this multipurpose spyware accesses a user's Internet connection, contacts, SMS archive and can even place calls or record sound. It also includes an exploit to access root privilege of the infected device.
Once it accomplishes, it starts stealing emails and logcat – the logging service built into Android used for application debugging. Achieving both accesses enables Trojan to steal confidential data from the infected device.
This harmless-looking Trojan is actually a reproduction of an old Windows Trojan and gives access to steal personal and corporate data.
There are already several apps available around the web which actually pretend to be simple and masquerade as something, for instance, the Trojan behind the replica of a famous app Angry Birds Transformer.
These fake apps are usually spread around the web through a few third-party App Store to attract the user.
Imagine someone stealing your office mails, Whatsapp texts, social behaviour and personal SMSs. Scared?
Following are the measures, Kaspersky suggests to protect yourself from such onslaught:
- Do not activate the "Install applications from third-party sources" option.
- Only install applications from official channels (Google Play, Amazon Store, etc.).
- When installing new apps, carefully study which rights they request.
- If the requested rights do not correspond with the app's intended functions, do not install the app.
- Use protection software.