Application info for the latest Android trojan.
Android Trojan Pretends it's the Cure for Other Malware
It seems that we're reporting on Android malware almost daily now, but this one is really dirty. If you're one of the many that happened to download one of the recent malicious files, this could mean that you're considering downloading a patch from the net and installing it manually instead of waiting for Google to push the official release to your device. Think again.
Watch out for BigServ.A, not a Patch, a Phone Pirate
The latest threat found, BigServ.A, shares the same name with the official release from Google, Android Market Fix. Once installed, BigServ.A steals information such as phone number and IMEI number, then uploads it to a remote server in China. This could lead to some serious data usage, and those not on an unlimited plan could suffer some real damage in their wallet.
While this particular threat may not affect anyone outside of China as of right now, it's just another example of the potential threats that are capable on Android, regardless of geographic location.
Keeping Your Android Devices Free of Malware, Viruses, and Trojans
It seems that Android is under attack, so I urge all users to follow just a few simple rules to keep their devices secure.
- DO NOT download anything from third-party sites or markets. Only use the official Android Market.
- ALWAYS run antivirus. Read my review of 5 of the top choices here.
- Do not allow installation of non-market apps. (Settings>Applications>Uncheck "Unknown Sources")
- Above all others, always check permissions before installing an apps! Use common sense. If you're downloading a file manager, why would it need access to your phone calls or physical location?
NOTE: There seems to be some confusion about who this trojan is affecting. Some websites are reporting that it is affecting all devices, not just ones in China. At this point that is absolutely not true.