A rare SMS worm is attacking your Android device!
Android does get attacked with Trojan apps that have no selfpropagation mechanism, so users don’t notice the malfunction. But here’s a different, rather rare, mode of attack that Android devices are now facing. Selfmite is a SMS worm attack. It is the second of such deadly viruses found in the past two months. Selfmite automatically sends SMSs to the users with their name in the message. The SMS contains a shortened URL which triggers users to install a third part APK file called TheSelfTimerV1.apk. The SMS says, “Dear [name], Look the Selftime..” Some remote server hosts this malware application. Users can find SelfTimer installed in the app drawer of their Android devices.
The Selfmite worm shows a pop-up to download mobogenie_122141003.apk, which offers synchronisation between Android devices and PCs. The app has over 50 million downloads on Play Store, but all are through various paid referral schemes and promotion programmes. Researchers at Adaptive Mobile believe that a number of Mobogenie downloads are promoted through some malicious software used by an unknown advertising platform. A popular vendor of security solutions in North America detected dozens of devices that were infected with Selfmite. The attack campaign was launched using Google. The short linked URL of this malicious app was distributed in the Google shortlink format. The APK link was visited 2,140 times. Later, Google disabled it.
Android devices detect apps from unknown and unauthorised developers. But some users enable installation authentication even for apps from ‘unknown sources’. Their devices become the targets for worms like this.