New Android malware disguised as racing game
Racing game addicts, beware. This racing game for devices running Google's Android system may be racing to send home the data on your phone to its controller. Computer security firm Trend Micro said the Trojanized Android app, "GoldDream," is disguised as a racing game called âFast Racing." "For a game, this Trojanized version needs a lot of permissionsâmore than is typical for an app like this," threats analyst Kevin Alintanahin said in a blog post. Alintanahin said that when the phone boots, the malware will start its service named "Market" â seemingly to trick the user that it is just a harmless service. The malware then monitors the userâs incoming text messages. Once a message is received, it will record the message and the original sender, and copy this to a text file named zjsms.txt. It will also keep logs of incoming and outgoing calls and save them in a file zjphonecall.txt. But he said this malware is also capable of communicating to a remote command-and-control (C&C) server. "(This) attack can (also) connect to alternative servers if instructed to do so by its current C&C server. In addition, it can also update itself, which may be an attempt to make it harder to detect and remove," he said. "Whatever C&C server it uses, it can phone home and send the phoneâs information such as device ID, subscriber ID, and SIM Serial Number," he added. The malware can even upload files, including the call and SMS logs. Alintanahin said the malware can also receive the following commands:
- install\uninstall apps
- make a call
- send a text message