First drive-by Android malware detected

By

Malware writers "even lazier than before".

The first mobile malware infection via drive-by-download has been detected.

First drive-by Android malware detected
Credit: Flickr

The Android trojan was detected by Symantec researchers delivered through a fake security update hosted on malicious websites.

Drive-by-download transmitted malware to a victim's computer when victims visited infected web pages, but users still had to accept permission prior to installing.

“This is more of a social engineering attack,”  Symantec Security Response Center operations director Liam O Murchu said. “At the end of the day, the user still needs to see a message and decide if it's something that they want to install or not.”

Infected devices may be used as a proxy to authorise attackers to route traffic, O Murchu said.

Trojans that have invaded mobile devices were typically used for financial gain or to access personal data, but the intent of the malware was unclear.

“Maybe they have a scheme in mind that they want to use these phones for at a later point,” he said.

Trail of Bits chief executive Dan Guido said the attack was "not surprising".

“In this case, they are just reusing someone else's website instead of running it off their own. If anything, this proves they are even lazier than ever before,” he said.

The number of victims was also unknown, but there were almost 1000 compromised sites pushing the trojan, according to O Murchu.

Android's mobile operating system was the platform of choice for criminal activity. This was aggravated by marketplaces outside of the official Android app store, Google Play, that allowed users to install  applications which host malicious code.

“That was how a majority of the threats we saw last year were being distributed through Android,” O Murchu said.

Juniper's 2011 security report found that Android malware jumped 3325 percent compared to 2010.

This article originally appeared at scmagazineus.com

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:
androiddrivebydownloadgooglemalwaresecuritysymantec

Sponsored Whitepapers

Modern Identity for SAP and Beyond: Replace SAP IDM with Saviynt
Modern Identity for SAP and Beyond: Replace SAP IDM with Saviynt
Saviynt Simplifies GRC and Access Control for SAP and Beyond
Saviynt Simplifies GRC and Access Control for SAP and Beyond
Futureproof Your Business with Datacom and AMD: Seamless Windows 11 Transition
Futureproof Your Business with Datacom and AMD: Seamless Windows 11 Transition
See everything. Do more.
See everything. Do more.
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra

Events

Most Read Articles

Australia's super funds told to assess authentication controls

Australia's super funds told to assess authentication controls
Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound
CBA looks to GenAI to assist 1200 'security champions'

CBA looks to GenAI to assist 1200 'security champions'
Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?