eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.
More than one million mobile phone users in China have been infected with malware due to a fake antivirus scam.
According to media reports, malicious code hidden within a fake antivirus application is infecting phones and causing them to blast out spam messages that have cost users about two million yuan ($300,000 US) a day. The infected phones send the victim’s SIM card information to the attackers, who then use the compromised phone to send out URL links – typically pay-per-click ads – in text messages to contacts in the victim’s address book.
Users who click on the links will also get infected, further spreading the malware, according to Chinese media reports. By the first week of September, the malware had infected one million users, The Shanghai Daily reported the National Computer Network Emergency Response Technical Team Center as stating.
Reports of similar viruses have surfaced in the ensuing months, and one mobile security company in Beijing has reportedly observed 10 similar pieces of malware since September.
Missing from the reports is what types of phones are being impacted, as well as the name of the bogus antivirus application. However it was compared in a report here to Troj/SymbSms-A, a Trojan impacting Symbian devices. Regardless, the report underscores that mobile phones are of growing interest to attackers. As always, users should be wary of the applications they are downloading.