'Android.Pjapps' Trojan Infects Android Smartphone App 'Steamy Windows' and Runs Up Texting Bills
Did you ever think the day would come that your smartphone gets some type of virus? Well, that day has apparently come and gone by the way of rogue Android smartphone applications.
Cybercriminals are relentless when it comes to finding new creative ways to scam people. This is evident in their latest actions by taking a copy of an Android app called 'Steamy Windows' and adding a backdoor Trojan horse to silently send text messages.
Why Attack Android Smartphone Apps and Not the Abundant Number of iPhone Apps?
There are a countless amount of smartphones that currently run the Android operating system, which has been touted as the iPhone's biggest competition. By cybercrooks knowing how vast the Android smartphone market is, they have put themselves in a position to potentially target a large number of Android smartphone users through rogue apps. Furthermore, cybercrooks can target these users without many roadblocks because unlike the scrutinized and restricted iPhone app store, third party unsanctioned Android app stores are in plentiful amounts. Basically, cybercrooks are reworking Android apps, such as 'Steamy Windows', and then placing them on unmonitored third party Android app stores where unsuspecting Android smartphone users can easily find them for free.
Symantec, a provider of PC security software, has labeled the backdoor Trojan horse contained in the reworked Steamy Window app as 'Android.Pjapps'. The Trojan is designed to install other applications on the Android phone, navigate to websites without the smartphone user's permission, change browser bookmarks and silently send text messages running up a large texting bill.
An Infected Android Smartphone Equals Another Hacker Payday!
Right now you may be asking yourself, how does this infected Android app benefit the attacker? Surely the hackers that went out of their way to modify an Android app that racks up large texting bills have a plan to compensate themselves for their efforts right? Of course, this was the plan from the beginning. What the Trojan specifically does for the hacker is send these text (SMS – Short Message Service) messages to premium rate numbers which the hackers are paid commissions for. Additionally, smartphone victims do not know this is taking place because the Trojan will also monitor and block inbound SMS text messages that would otherwise alert the smartphone user that their texting quota has been exceeded. Brilliant isn't it?
What Can Android Smartphone Users Do to Protect Themselves?
Smartphone users should always be aware of what apps they have installed and if any of them are unauthorized apps. Downloading a smartphone app from a third party source is just like downloading software for your PC from a warez (illegal software) site. Anything that you download could be laced with malware or some type of malware that is designed to scam you out of money. The dangers of a rogue smartphone app are very real and could wind up being a huge monetary liability to a victim. It may be best to seek out trusted Android apps, such as from Google's Android Market, even if they have a cost associated to them. It is better to pay a little now for a trusted app then a lot later for a Free app from an unknown third party laced with money-stealing malware.