SOURCE: TrustGo Mobile

TrustGo Mobile

August 17, 2012 22:00 ET

TrustGo Security Labs: Powerful New Virus Remotely Controls Mobile Payments

Hackers Gain Access to Mobile Payments of More Than 500,000 Users

SANTA CLARA, CA--(Marketwire - Aug 17, 2012) - TrustGo Mobile Inc. (TrustGo), a leading mobile security company, today announced that TrustGo Security Labs has discovered a new and extraordinarily aggressive virus in China's largest Android marketplace, GFan. Named Trojan!SMSZombie.A, the virus gives hackers remote control over victims' mobile SMS payments system allowing them to covertly authorize payments in any amount and at any time they wish. This new virus is also noteworthy because it includes self-protection mechanisms that make it difficult to eliminate. Since its discovery on July 25th, the virus has been found in 7 apps in Chinese android markets and has infected more than 500,000 users. This virus' aggressiveness and advanced capabilities are believed to be a significant threat. 

SMSZombie.A is distributed in popular live wallpaper apps and hides its viral payload by prompting users to accept additional files after installation. When users are tricked into taking this action, the malicious app displays a prompt to activate a new service that cannot be cancelled, and upon acceptance it then installs the code and disables users' ability to easily delete it.

Thus far, a number of provocatively named apps on www.GFan.com have been infected with SMSZombie. These include an app titled, "Android Animated Screensaver: Animated Album I Found When I Fixed My Female Coworker's Computer" as well as others with similar titles.

"By waiting to deliver malicious code until after installation, this virus is difficult to detect," said Xuyang Li, CEO of TrustGo. "Sophisticated malware like this highlights the fact that the openness of the Android platform is a double-edged sword... Users are able to access an amazing breadth and variety of apps, but must take precautions to ensure the apps they want have not been compromised by hackers. Using TrustGo's patent-pending Secure App Finder Engine™ (SAFE) Technology to pre-screen apps is the only way to avoid infection from SMSZombie.A, the virus we discovered in early July known as MMarketPay.A, and thousands of other dangerous viruses."

To identify whether a device has been infected with this new and dangerous virus, users should download the TrustGo Antivirus and Mobile Security™ app. For a detailed description of this new virus visit http://blog.trustgo.com/SMSZombie. For complete instructions on how to permanently eliminate all remnants of the virus code, visit: http://www.trustgo.com/en/SMSZombie-eliminate.

Quick Tips for Securing Your Android Device

  • Download TrustGo Antivirus and Mobile Security™ app so you can:
    • Check the security of every app before downloading using TrustGo Secure App Finder Engine (SAFE)
    • Scan malware in real time and have full knowledge that the new app you're downloading is not a malicious clone or compromised with a virus or risky behaviors.
    • Browse the web securely as TrustGo will notify you instantly when a site you're browsing is known to be malicious or part of a phishing scheme.

About TrustGo Mobile Inc.
TrustGo, a Santa Clara-based mobile security company, provides Android users the freedom and confidence to find, download and use the apps they love, wherever they find them. Dedicated to providing the ultimate security platform for Android smartphones and tablets, TrustGo's app offers a comprehensive suite of advanced security and mobile device management (MDM) features to the consumer for free. In addition to protecting users against traditional threats such as malicious app activity, privacy breaches, identity leaks, device loss and theft, TrustGo prevents users from downloading dangerous apps through its Secure App Finder Engine (SAFE). TrustGo was founded by web security veterans in 2011. TrustGo is available now on Google Play (https://play.google.com/store/apps/details?id=com.trustgo.security). For more information, visit TrustGo at www.trustgo.com 

Contact Information