China's Android users need to beware of cell phone viruses

"Science and technology News" August 31, according to Analysys International data statistics show that Android smartphone in China's smartphone market has accounted for nearly 70% of the share of Android mobile phone sales led to the development of Android applications, a variety of Android App store was also born. Yet many third-party markets have also led to the growth of viruses targeting Android, making Android an open-source system more vulnerable. According to a mobile security report released by Tencent Mobile Security Laboratory, 19,856 Mobile virus packages were intercepted in July, Android, which intercepts more than 92% of the virus packages, is more than twice times the number of Android packages in June, and an unprecedented growth trend for Android virus.

According to foreign media reports, recently in China's Android Market has found a new virus, the virus can be used to carry out mobile phone to pay, allegedly infected users have more than 500,000.

As early as six weeks ago, the Mmarketplay App Store found a bill to invade the virus, and recently anti-virus expert Trustgo discovered a more complex new Android virus that can be used to pay for mobile phones on users ' Android phones, read user bank cards, credit cards and billing history.

The virus is named "trojan! Smszombie "(Troy!) SMS Zombie "), first discovered by Trustgo Antivirus company on July 25. Trustgo is said to be the only company currently able to identify such viruses and provide a virus removal program.

It is reported that there are many mainstream application stores in China have been attacked by the virus, so far more than 500,000 of the user equipment has been infected. Although the 500,000 is only drop compared to 683 million of China's mobile phone users, the virus can be privately made unauthorized payment transactions, it may cause huge economic losses to users, so the potential threat of the virus is very large. Moreover, in order to avoid the user suspicion, the hacker who made the virus took a more cautious approach, the virus every time the payment is small, basically rarely produce high bills, so that infected users will not easily find. So far, Trustgo says, the virus has only been getting "relatively low" amounts from infected user accounts by paying back online games and other services, but it adds up to 500,000 lower sums, which are probably a large sum.

"The virus is usually hidden in wallpaper applications and popular downloads, and then hacking into the user's SMS capabilities, using China Mobile (which seems to be all right for Unicom and telecom users)," Trustgo explained on its official blog. Transactions and access to data (all in the background without user authorization).

"Trojan! Smszombie "(Troy!) SMS Zombie "virus is often hidden in various wallpaper applications, with attractive headlines and images to entice users to download the installation. When the user uses the infected application as a mobile wallpaper, the application asks the user to install other virus-related files. If the user agrees and enters the next step, the virus will transfer the transaction data through a file called the Android system service.

Once the user installs this type of infected application, the virus attempts to continuously obtain administrator privileges on the user's device, and the operation user cannot be canceled because pressing the Cancel button will only reload the confirmation dialog box, and the user eventually has to press "activate" to stop the dialog, and then it is forced to activate the virus. And when the virus gets administrator rights, the user cannot uninstall the infected application, the user clicks "Uninstall", the mobile phone will automatically jump back to the main screen. ”

As many mobile phone users in China use mobile phone messages to pay for their mobile phone, and many banks will send billing information to the user's mobile phone, so when the user's phone is infected with the virus, the bank card and account information can easily be intercepted by the virus and make small payments.

Trustgo said users who were infected with the virus or suspected of being infected with the virus could download TRUSTGO mobile security applications or refer directly to the TRUSTGO website (trustgo.com/en/smszombie-eliminate method to clear the virus.

Trustgo is currently working to upgrade its mobile security applications to enable automatic removal of the virus, which is expected to be implemented by the end of this month.

"This virus will automatically replicate and transmit malicious code, so it is difficult to detect." The emergence of such a complex new virus also highlights the drawbacks of an open platform, and sometimes open source is a double-edged sword. Mobile phone users in contact with many applications at the same time, but also be careful to prevent the infection of mobile phone virus, perhaps you are the next target hacker! ”