"Bill Shocker" Android malware hits China, infecting 620K smartphone users
Security experts report that about 620,000 Android smartphones in China have recently been infected by the “Bill Shocker” malware.By J. Angelo Racoma 31 Jan, 2013
Android malware is on the rise, and smartphone users are warned against blindly trusting their apps. Most of the time, the payload will involve massive costs on the part of subscribers who have infected devices. In the latest wave of malware afflicting the platform, about 620,000 Chinese smartphones were said to have been infected.
The “Bill Shocker” malware essentially has an SMS-sending payload, which would use the infected mobile device’s account to send spam SMS messages. The malware also gives the virus creators remote-control capability over the device, which these individuals and groups usually use in conducting spam attacks and even hack attacks on other online resources. Malware can also retrieve personal data from the device, including contact lists, messages and the like.
NQ Mobile Security’s RiskRanker describes the exploit.
Bill Shocker downloads in the background, without arousing the mobile device owner’s suspicion. The infection can then take remote control of the device, including the contact list, Internet connections and dialing and texting functions. Once the malware has turned the phone into a “zombie,” the infection uses the device to send text message to the profit of advertisers. In many cases, the threat will overrun the user’s bundling quota, which subjects the user to additional charges.
The Next Web reports that Bill Shocker disguises itself in seemingly legitimate applications like Tencent QQ Messenger and Sohu News. But because most Android users would not bother to double-check the permissions being asked by the app on install or update, the likelihood of the malware slipping past security measures is high.
Further, RiskRanker says that the malware is “capable of upgrading itself and of automatically expanding to other apps, multiplying the potentially disastrous effects.”
Of course, 620,000 is a drop in the bucket, compared with the billion mobile users in China. This number is about 0.25% of Android users in the country. Still, this is a big number, and can compound the malware issues plaguing the Android platform. For now, Android users are advised to download apps only from reputable sources, such as Google Play Store. However, since the official Google app marketplace is banned from within China, users would usually need to side-load applications or install these from other sources.