Printed from http://www.electronista.com

New Android malware aims at custom ROM users

updated 06:50 pm EDT, Thu June 16, 2011

Android trojan jMSMHider attacks non-stock ROMs

A new instance of Android malware was found late Wednesday that attacked those running custom firmware on their phones. The jSMSHider takes advantage of most unofficial ROMs using a publicly listed key from the Android Open Source Project to trick them into loading apps without permission, according to Lookout Internet Security. Infected code carries a hidden arsenal that talks to an outside server and can send or receive SMS messages without permission, install other apps, or load web links in the web browser without informing the user.

Even those that don't install the extra content are still likely to face the SMS and web exploits, the anti-malware firm said.

No mention was made of which firmware was directly at risk, although it did include older versions of CyanogenMod. An update to the most recent version of CyanogenMod 7 should patch the hole. All of the rogue apps are so far in Chinese stores working outside of Android Market and out of Google's control.

The impact of the trojan isn't expected to be as rampant as for other Android malware attacks given that only a small portion of Android users go beyond what Google or the phone designer implemented. The exploit nonetheless creates added risk and diminishes claims that rooting an Android phone gives it an advantage not just over stock ROMs but over iOS.

iOS has been subject to malware attacks, but so far only on jailbroken devices where, like root on an Android phone, apps were given explicit permission to run without being checked.



By Electronista Staff
toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

Dell AD211 Bluetooth speaker

For all of the high-priced, over-engineered Bluetooth speakers in the electronics market, there is still room for mass-market solution ...

VisionTek 128GB USB Pocket SSD

USB flash drives dealt the death blow to both the floppy and Zip drives. While still faster than either of the old removable media, sp ...

Kodak PixPro SL10 Smart Lens Camera

Smartphone imagery still widely varies. Large Megapixel counts don't make for a good image, and the optics in some devices are lacking ...

Sponsor

toggle

Most Commented

 
toggle

Popular News