Tuesday, October 4, 2011

QR codes - Next way for Android Malware

Once a user scans the QR code, the code redirects them to a site that will install a Trojan on their Android smart phones. Kaspersky's SecureList blog has a report of a malicious QR code on a web site which when scanned directs the user to a URL; the linked site doesn't have a file matching the name in the URL, but it does redirect the browser to another site where the file jimm.apk is downloaded. The file is a trojanised version of the Jimm mobile ICQ client, infected with Trojan-SMS.AndroidOS.Jifake.f which sends a number of SMS messages to a $6 a message premium rate service.

Once installed, the Trojan will send a number of SMS messages to premium-rate numbers, which will end up costing the victim some money, depending on how quickly she is able to find and remove the Trojan.

Kaspersky’s Denis Maslennikov reports that the malware itself is a Trojanized Jimm application (mobile ICQ client) which sends several SMS messages to premium rate number 2476 (US$6.00 each).

[via]If you enjoyed this post, make sure you subscribe to my RSS feed! Comments are encouraged

No comments:
Write comments