Andre Yoskowitz
30 Dec 2012 22:27
A new Android trojan has been found that causes infected devices to be used for spamming text message purposes and even DDoS attacks.
The "Android.DDoS.1.origin" trojan was first discovered by effective Russian security firm Doctor Web, and tricks its way onto consumer's Android devices by disguising itself as a legitimate app from Google.
After installed, the app creates an icon that is an exact replica of the Google Play Store. Clicking it will still send you to the Store, but there is much more malicious occurrences happening in the background. The trojan will immediately try to connect to its Command and Control (C&C) server and if it does, the server operators are sent the victim's phone number. Further instructions are sent via SMS.
The malware, if given a DDoS command, will begin sending data packets to a specified address. This is bad for the site if there are enough infected devices and also bad for the user, who is using up bandwidth unwillingly and criminally.