New Android Malware Targets Custom ROMs

New Android Malware Targets Custom ROMs

According to Lookout Mobile Security, a new Trojan (jSMSHider) has surfaced in Android markets that currently targets Chinese Android users using custom ROMs.

As explained by Lookout on what the malware can do if the install is successful:

If jSMSHider successfully installs the second stage payload, we mapped the capabilities that the malware can perform, which include:

- The ability to read, send and process incoming SMS messages (potentially for mTAN interception or fraudulent premium billing subscriptions)

- Installing apps transparently on ROMs with a platform signer from the AOSP

- Communication with a remote server using DES encryption and base64 encoding with a custom alphabet

- Dynamic C&C server addresses and check-in frequency

- Download an application from a URL and perform a silent install or update of the APK

- Open a URL silently in the background (using the device’s default User-Agent)

The company has gone on to claim that Lookout Free and Premium users are automatically protected from this threat and do not need to take further action. But if you're using another custom ROM, it's recommended that you check with the developer to see if a patch is available.

Source: Lookout

All News Categories

News for Past 12 Months

Subscribe to HWZ Here!

Subscribe now to receive latest tech news, articles and promotions straight to your inbox!
By signing up, you indicate that you have read and agreed to the and .

Obsessed with technology?
Subscribe to the latest tech news as well as exciting promotions from us and our partners!
By subscribing, you indicate that you have read & understood the SPH's Privacy Policy and PDPA Statement.