Android Malware Disguised as Security Update Steals SMSs and Intercepts Phone Calls


January 21st, 2014, 14:40 GMT · By Eduard Kovacs
Again another clear case of these are toys and should not be used in a Corp/Business Environment

Security researchers from FireEye have come across six versions of a new Android threat that’s designed to steal SMS messages and intercept phone calls. The malware has been dubbed “Android.HeHe.”

The malicious element is being distributed as a security update for the mobile operating system. Once it infects a device, it connects to its command and control (C&C) server and starts monitoring incoming SMSs.
The C&C sends the malware a list of phone numbers. If the infected device receives an SMS or a call from one of these numbers, the threat steps into play and intercepts the communications.
Text messages from these numbers are captured and sent back to the C&C server. As far as phone calls are concerned, they’re “silenced and rejected.”
Experts say the existence of threats such as Andorid.MisoSMS and Android.HeHe show that cybercriminals are becoming more and more interested in monitoring SMS and phone calls.

A detailed technical analysis of Android.HeHe is available on FireEye’s blog.

Roy Miehe | MspPortal.net | Ceo/President
GFI Max Distributor
Where Service and Technical Skills Count

Managed Service Provider for the following products:
MspPortal.net Software Family
mspencryptmail.net | mspsecuremail.net |
mspmailfilter.net | mspsecureweb.net |
mspmanagednetwork.net | mspsecurebackup.net |

Tags: , , , , , , , , , , ,

Comments are closed.

%d bloggers like this: