BEIJING,
May 30, 2011 /PRNewswire-Asia/ -- Events of this past weekend have raised
concerns for Android smartphone users as NetQin Mobile Inc. ("NetQin"
or "the Company") (NYSE: NQ), a leading provider of consumer-centric
mobile security and productivity applications, found a malware (the "Malware")
lurking within more than 20 Android applications circulating via various forums
on the internet which auto-dials phone numbers to incur high user fees. The
infected mobile applications include QQ Doudizhu, Voice SMS, Drag Racing,
Trader, Donkey Jump, Jungle Monkey and Gold Miner among others.
(Logo:
http://photos.prnewswire.com/prnh/20100215/CNM002LOGO )
Named
BaseBridge, the Malware can be embedded in legitimate applications, and when
the applications are being installed, the Malware prompts the user to upgrade,
and once the user chooses to upgrade, the Malware is installed in the device
under the software name "com.android.battery". Then, another prompt
would pop up to ask the user to restart the app to run it, and the Malware is
formally activated upon restarting.
Upon activation,
the Malware would activate three malicious services -- AdSmsService,
BridgeProvider and PhoneService -- to communicate with a control server, from
which it will download a configuration list to read related information and
dial calls or send out SMS messages accordingly, incurring fees for the users.
Meanwhile, the Malware also blocks messages from the mobile carrier to prevent
users from getting fee consumption updates in time so that all malicious
activities are undertaken stealthily without the user's knowledge or consent.
The Malware may also insert messages to the inbox of a mobile device at a
designated time.
When
unlocking the screen of an infected device on which 360 Safeguard is installed,
the Malware would cause a false message to appear, stating that the 360
Safeguard is terminated due to an error/exception while the 360 Safeguard is
actually running normally.
According
to NetQin, "auto dialing" generally refers to the act of a malware
that has intruded and taken over a mobile device in dialing a number without
the user's knowledge. Malware often control mobile devices, using them to dial
a designated number which may incur high fees in the process. This is the first
time an auto-dialing malware that causes fee deduction is spotted on Android
devices although similar software was once found on Symbian devices, which is a
sign that mobile threats on Android are becoming more diversified.
This is
another large-scale outbreak of Android malware after DroidDream that has
forced Google to remove more than 50 rogue applications from its Android Market
earlier this year, once again sounding alarms for mobile users that mobile
threats cannot be ignored. To stay safe, NetQin suggests the following tips for
mobile users to follow when using a smartphone:
1. Download
applications from trusted sources, reputable application stores and markets,
and be sure to check reviews, ratings and developer information before
downloading. Scan the downloaded application with authoritative security
software to avoid malware in disguise.
2. Do not
blindly accept requests from software such as upgrade or update as they maybe
initiated by viruses or malware.
3. Be alert
and look out for unusual behavior on the part of mobile phones, such as
stealthy SMS messages or extra charges on the phone bill, as this may be a sign
of infection.
4. Keep
security software on the phone up to date and perform a full scan regularly to
prevent any potential threats. NetQin Mobile Anti-virus is protecting millions
of users across the globe with its "Cloud+Client" scan engine.
Download is available at http://www.netqin.com/en/antivirus/download/ and on
Android Market.
About
NetQin
Headquartered
in Beijing China, NetQin Mobile Inc. is a leading provider of consumer-centric
mobile Internet services focusing on security and productivity. NetQin was one
of the first companies to recognize the growing security threats targeting
smartphone users and is now a leading Software-as-a-Service (SaaS) provider,
serving both greater China and global clients. The company focuses on serving
clients in three key sectors: 1) mobile security, providing mobile security
services to protect users from mobile malware threats, data theft, and privacy
intrusion; 2) mobile productivity, providing mobile productivity services
designed to intelligently enhance time and relationship management; 3)
personalized intelligent cloud services, providing personalized intelligent
cloud services such as "NQ Space", which is accessible through a
variety of Internet-enabled devices to provide a tailored user experience.
No comments:
Post a Comment