Printed from http://www.electronista.com

New Android malware aims at custom ROM users

updated 06:50 pm EDT, Thu June 16, 2011

Android trojan jMSMHider attacks non-stock ROMs

A new instance of Android malware was found late Wednesday that attacked those running custom firmware on their phones. The jSMSHider takes advantage of most unofficial ROMs using a publicly listed key from the Android Open Source Project to trick them into loading apps without permission, according to Lookout Internet Security. Infected code carries a hidden arsenal that talks to an outside server and can send or receive SMS messages without permission, install other apps, or load web links in the web browser without informing the user.

Even those that don't install the extra content are still likely to face the SMS and web exploits, the anti-malware firm said.

No mention was made of which firmware was directly at risk, although it did include older versions of CyanogenMod. An update to the most recent version of CyanogenMod 7 should patch the hole. All of the rogue apps are so far in Chinese stores working outside of Android Market and out of Google's control.

The impact of the trojan isn't expected to be as rampant as for other Android malware attacks given that only a small portion of Android users go beyond what Google or the phone designer implemented. The exploit nonetheless creates added risk and diminishes claims that rooting an Android phone gives it an advantage not just over stock ROMs but over iOS.

iOS has been subject to malware attacks, but so far only on jailbroken devices where, like root on an Android phone, apps were given explicit permission to run without being checked.



By Electronista Staff
toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

Cambridge Audio DacMagic XS

Every computer with a microphone or headphone port has one -- a digital to analog converter (DAC). There are nearly as many chipsets a ...

D-Link Wi-Fi Smart Plug

Home automation fans have been getting their fair share of gadgets and accessories in the last few years. Starting with light bulbs, a ...

Razer Kraken Pro headset

Gaming headphones are a challenge to get right, for a long list of reasons that are unique to the consumer buying them. Some shoppers ...

Sponsor

toggle

Most Commented

 
toggle

Popular News