Android devices are being targetted by a strain of malware spreading through text messages.
Dubbed Selfmite, it was detected by IT security researcher Denis Maslennikov. The worm is able to propagate via SMS. Potential victims receive the following SMS message containing a URL pointing to the Selfmite worm: Dear [NAME], Look the Self-time, http://goo.gl/******.
On clicking the link, the user is redirected to another link where they are then prompted to download and install an APK file called "The Self-timer" which then appears on a user's device.
If the victim launches it, the malware immediately reads the device's contact book, looking for 20 contacts to send the same message to automatically.
IT security firm AdaptiveMobile has already detected infected devices on operator networks in North America, where the worm was first discovered. It said that activity has also been recorded from a dozen countries worldwide.
"We were able to detect this infection early, limiting the harm done by Selfmite. At the moment North America seems to be the most targeted territory," said Maslennikov.
"SMS worms for Android smartphones have previously been rare, but this and the recent Samsapo worm in Russia may indicate that cybercriminals are now starting to broaden their attacks on mobile phones to use different techniques that users may not be aware of," he added.
Once the worm sends out these messages, the user is invited to download and install Mobogenie which is a legitimate app for managing and installing Android apps.
"There is a monetisation aspect to this worm," said Maslennikov.
"To redirect users to the Mobogenie app, the Selfmite worm uses an advertising platform, therefore we believe that an unknown registered user of the advertising platform abused a legal service and attempted to increase the number of Mobogenie app installations using malicious software."
The firm has contacted Google and the malicious URL has now been put out of action.
"This should stop the worm author from profiting from the spread of Selfmite," said Maslennikov.
-
What does modern security success look like for financial services?Sponsored As financial institutions grapple with evolving cyber threats, intensifying regulations, and the limitations of ageing IT infrastructure, the need for a resilient and forward-thinking security strategy has never been greater
-
Yes, legal AI. But what can you actually do with it? Let’s take a look…Sponsored Legal AI is a knowledge multiplier that can accelerate research, sharpen insights, and organize information, provided legal teams have confidence in its transparent and auditable application
-
Scania admits leak of data after extortion attemptNews Hacker stole 34,000 files from a third-party managed website, trucking company says
-
Capita tells pension provider to 'assume' nearly 500,000 customers' data stolenCapita told the pension provider to “work on the assumption” that data had been stolen
-
Gumtree site code made personal data of users and sellers publicly accessibleNews Anyone could scan the website's HTML code to reveal personal information belonging to users of the popular second-hand classified adverts website
-
Pizza chain exposed 100,000 employees' Social Security numbersNews Former and current staff at California Pizza Kitchen potentially burned by hackers
-
83% of critical infrastructure companies have experienced breaches in the last three yearsNews Survey finds security practices are weak if not non-existent in critical firms
-
Identity Automation launches credential breach monitoring serviceNews New monitoring solution adds to the firm’s flagship RapidIdentity platform
-
Neiman Marcus data breach hits 4.6 million customersNews The breach took place last year, but details have only now come to light
-
Indiana notifies 750,000 after COVID-19 tracing data accessedNews The state is following up to ensure no information was transferred to bad actors
