Monday, October 13, 2014

Selfmite Worm


A new version of an Android worm called Selfmite has the potential to ramp up huge SMS charges for victims in its attempt to spread to as many devices as possible.

The first version of Selfmite was discovered in June, but its distribution was quickly disrupted by security researchers. The worm -- a rare type of malware in the Android ecosystem -- spread by sending text messages with links to a malicious APK (Android Package) to the first 20 entries in the address book of every victim.

The new version, found recently and dubbed Selfmite.b, has a similar, but much more aggressive spreading system, according to researchers from security firm AdaptiveMobile. It sends text messages with rogue links to all contacts in a victim's address book, and does this in a loop.

"According to our data, Selfmite.b is responsible for sending over 150k messages during the past 10 days from a bit more than 100 infected devices," Denis Maslennikov, a security analyst at AdaptiveMobile said in a blog post Wednesday. "To put this into perspective that is over a hundred times more traffic generated by Selfmite.b compared to Selfmite.a."

At an average of 1,500 text messages sent per infected device, Selfmite.b can be very costly for users whose mobile plans don't include unlimited SMS messages. Some mobile carriers might detect the abuse and block it, but this might leave the victim unable to send legitimate text messages.

No comments:

Post a Comment