Security researchers have uncovered a monstrous mobile botnet in China comprised of over a whopping one million victims! The Trojan that powers the botnet, Android.Troj.mdk, was first discovered back in 2011. Lack of awareness over mobile security threats has attributed to the botnet breaking the one million victim mark.
The trojan has been found hidden in more than 7,000 apps, including popular games such as Temple Run and Fishing Joy. Questions about its wide dispersion are fueling concerns as to the trojan's origin and whether this was a state sponsored hack for the Chinese government to spy upon its residents. The malware was discovered on a third party marketplace (not the Android Market).
Security researches claim the following upon infection:
The following data was seen transmitted by the malware:
- IMEI number
- Cell ID
- IMSI number
- Location Area Code
- Mobile Network Code
As is common with hacking schemes on Android phones, unlicensed third-party app stores are likely to have played host to the Trojan before being downloaded by unsuspecting victims. Once installed, the attacker can remotely control the victim’s smartphone, enabling them to steal sensitive data, download additional apps and generate adware. Revenue generation results through premium SMS, telephony, and video services. Premium SMS numbers in China tend to cost around $0.15 to $0.30 per message, and while this may not seem particularly expensive, it quickly adds up when you factor in the number of active infected devices on the botnet and how most users likely would not notice the infection right away.We can see the botmaster is generating anywhere between $1,600 to $9,000 per day and $547,500 to $3,285,000 per year the botnet is running.
Kaspersky Labs conducted a study into which Android iteration was subject to the greatest security threat, and found that the now-outdated 2.3 Gingerbread version attracted the most attacks.
Users in China have since been advised to monitor their call and data records for unusual activity that may point to an infection.
VIA:
