{"id":4017,"date":"2013-11-19T10:00:45","date_gmt":"2013-11-19T15:00:45","guid":{"rendered":"http:\/\/blog.nccomputertech.com\/?p=4017"},"modified":"2013-11-19T10:00:45","modified_gmt":"2013-11-19T15:00:45","slug":"mobile-malware-reported-riding-on-google-messaging-service","status":"publish","type":"post","link":"https:\/\/nccomputertech.com\/techtalk\/2013\/11\/19\/mobile-malware-reported-riding-on-google-messaging-service\/","title":{"rendered":"Mobile malware reported riding on Google messaging service"},"content":{"rendered":"

\"\"<\/a><\/p>\n

\\Mobile botnets are on the rise and cybercriminals are using the Google Cloud Messaging service as a conduit for sending data from command-and-control servers to malware, a new report says.<\/p>\n

In its latest IT Threat Evolution report, Kaspersky Lab said the third quarter was \\”undoubtedly the quarter of mobile botnets,” as cybercriminals tried to improve the ways they manage their networks of infected Android devices.<\/p>\n

The latest weapon in criminals’ arsenal is GCM, which enables them to send short messages in the JSON format to instruct malware on Android devices. JSON, or JavaScript Object Notation, is an open standard format that uses human-readable text to transmit data from a server to Web applications.<\/p>\n

GCM is being used to communicate with the most widespread SMS Trojans, Kaspersky said in the report released last week. SMS Trojans are a common form of mobile malware that sends text messages to premium-rate phone services. The charges, which are not easily recovered, show up later on the victim\\’s wireless phone bill.<\/p>\n

“The only way of preventing this channel from being used by malware writers to communicate to their malware is to block the GCM accounts of developers who use them to spread malware,” Kaspersky said.<\/p>\n

Very few malicious programs use GCM, but those that can are growing in popularity, the security vendor said.<\/p>\n

SMS Trojans, the most common type of mobile malware, are mostly found in Russia and other regions where Android users regularly download software from third-party app stores. Malware is much less likely to hide in Google Play, the official Android store.<\/p>\n

Android infection low<\/p>\n

Nevertheless, the overall rate of infection on Android devices is very low. A study by the Georgia Institute of Technology found an infection rate of 0.0009 percent, or roughly 3500 out of more than 380 million mobile devices.<\/p>\n

Infection hurdles include bypassing defenses Google builds into the operating system and the lack of effective mechanisms for mass distribution. Criminals are turning to botnets to clear the latter, and Kaspersky in mid-July recorded what the vendor said were the first third-party botnets.<\/p>\n

Criminals rent such networks to others for malware distribution. Among the malware distributed is the most sophisticated Android Trojan, known as Obad, Kaspersky said.<\/p>\n

\"\"<\/a><\/p>\n

The malware opens a backdoor in an infected device in order to download additional malicious code for stealing money from victims’ bank accounts. While not common in the U.S., people in other countries often use their smartphone for money transfers.<\/p>\n

Kaspersky found Obad being distributed through mobile devices infected with malware called Trojan-SMS.AndroidOS.Opfake.a. Upon receiving instructions from a command-and-control server, Opfake would send text messages to everyone on a victim’s contact list, inviting them to download multimedia content.<\/p>\n

Clicking on the link in the text, automatically downloaded Obad, Kaspersky said.<\/p>\n

Typical for mobile malware reports, Kaspersky recorded an increasing number of samples. The number in the vendor’s collection rose nearly 20 percent from the second quarter to 120,000.<\/p>\n

via Mobile malware reported riding on Google messaging service | TechHive<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"

\\Mobile botnets are on the rise and cybercriminals are using the Google Cloud Messaging service as a conduit for sending […]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[3,7,9,10],"tags":[65,342,424,655,1176],"class_list":["post-4017","post","type-post","status-publish","format-standard","hentry","category-hardware","category-security","category-software","category-technology","tag-android","tag-exploits","tag-google","tag-malware","tag-vulnerabilites"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/papNkV-12N","jetpack-related-posts":[{"id":9804,"url":"https:\/\/nccomputertech.com\/techtalk\/2024\/11\/08\/maximum-iceland-scenario-data-caps-3rd-party-android-stores-nuclear-amazon\/","url_meta":{"origin":4017,"position":0},"title":"Maximum Iceland Scenario – Data Caps, 3rd Party Android Stores, Nuclear Amazon","author":"NCCT","date":"November 8, 2024","format":false,"excerpt":"https:\/\/youtu.be\/P5MkCwktKz0 Data Caps, 3rd Party Android Stores, Nuclear Amazon \u2022 Google must crack open Android for third-party stores, rules Epic judge \u2022 Google asks 9th Circuit for emergency stay, says Epic ruling \u2018is dangerous\u2019 \u2022 Canceling subscriptions is about to get easier \u2022 The FCC is looking into the impact\u2026","rel":"","context":"In "Software"","block_context":{"text":"Software","link":"https:\/\/nccomputertech.com\/techtalk\/category\/software\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/P5MkCwktKz0\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":9655,"url":"https:\/\/nccomputertech.com\/techtalk\/2021\/03\/09\/fuquay-varina-and-holly-springs-computer-repair\/","url_meta":{"origin":4017,"position":1},"title":"Fuquay Varina and Holly Springs Computer Repair","author":"NCCT","date":"March 9, 2021","format":false,"excerpt":"Welcome to our blog. NC Computer Tech services Fuquay Varina, Holly Springs, and surrounding NC areas. We offer prompt, professional, courteous service with over twenty years of experience dealing with residential and small business clients offering them solutions and fixing their computer and network issues at reasonable rates. Our services\u2026","rel":"","context":"In "Technology"","block_context":{"text":"Technology","link":"https:\/\/nccomputertech.com\/techtalk\/category\/technology\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":9341,"url":"https:\/\/nccomputertech.com\/techtalk\/2018\/05\/20\/this-week-in-tech-667-give-me-your-history-hat\/","url_meta":{"origin":4017,"position":2},"title":"This Week in Tech 667: Give Me your History Hat","author":"NCCT","date":"May 20, 2018","format":false,"excerpt":"https:\/\/youtu.be\/1aKshseSHiQ Microsoft's new Surface Hub 2. Google Duplex freaks everyone out. GDPR shouldn't freak people out - unless you work in adtech. Fortnite is coming to Android. Apple caves in to China again, pays some Irish taxes, and goes shopping for a new campus. Washington D.C is full of Stingray\u2026","rel":"","context":"In "Microsoft"","block_context":{"text":"Microsoft","link":"https:\/\/nccomputertech.com\/techtalk\/category\/microsoft\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/1aKshseSHiQ\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":9297,"url":"https:\/\/nccomputertech.com\/techtalk\/2018\/02\/11\/this-week-in-tech-653-x-stands-for-nothing\/","url_meta":{"origin":4017,"position":3},"title":"This Week in Tech 653: X Stands for Nothing","author":"NCCT","date":"February 11, 2018","format":false,"excerpt":"https:\/\/youtu.be\/9vdjtG9ozeQ HomePod should have been delayed longer. Elon Musk's rollercoaster week: Falcon Heavy sends a Tesla to Mars just as Tesla has its worst quarter ever. iPhone boot code leaked online. Chrome will shame insecure websites. YouTube suspends Logan Paul for generally being a horrible human being. Rethinking Facebook and\u2026","rel":"","context":"In "Technology"","block_context":{"text":"Technology","link":"https:\/\/nccomputertech.com\/techtalk\/category\/technology\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/9vdjtG9ozeQ\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":9401,"url":"https:\/\/nccomputertech.com\/techtalk\/2018\/09\/24\/this-week-in-tech-685-emotional-support-ham\/","url_meta":{"origin":4017,"position":4},"title":"This Week in Tech 685: Emotional Support Ham","author":"NCCT","date":"September 24, 2018","format":false,"excerpt":"https:\/\/youtu.be\/IbGOPvI5Owk Apple Watch and heart health, Magic Leap first look, your future Amazon House, and more. \u2022 iPhone XS and XS Max are flying off the shelves (especially in Santa Rosa). \u2022 Pixel 2 camera beats the iPhone XS. \u2022 Why the dual-sim iPhones are a bigger deal than you\u2026","rel":"","context":"In "Apple"","block_context":{"text":"Apple","link":"https:\/\/nccomputertech.com\/techtalk\/category\/apple\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/IbGOPvI5Owk\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":9385,"url":"https:\/\/nccomputertech.com\/techtalk\/2018\/07\/23\/this-week-in-tech-676-falling-asleep-as-the-robots-wake-up\/","url_meta":{"origin":4017,"position":5},"title":"This Week in Tech 676: Falling Asleep as the Robots Wake Up","author":"NCCT","date":"July 23, 2018","format":false,"excerpt":"https:\/\/youtu.be\/uV5cQYtuJjU This Week in Tech - The future is flying cars! (Or not-flying cars, perhaps holes in the ground.) - Apple's new MacBooks suffering from thermal throttling - is it the end for Intel? - Google hit with $5 billion fine by EU for Android shenanigans. - Will Fuschia be\u2026","rel":"","context":"In "Apple"","block_context":{"text":"Apple","link":"https:\/\/nccomputertech.com\/techtalk\/category\/apple\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/uV5cQYtuJjU\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]}],"_links":{"self":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/4017","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/comments?post=4017"}],"version-history":[{"count":0,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/4017\/revisions"}],"wp:attachment":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/media?parent=4017"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/categories?post=4017"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/tags?post=4017"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}