‘Love trap’ malware for Android in China-based app store

There will be little to "love" in an application for phones and devices running Google Inc.’s Android operating system: It retrieves an infected phone’s International Mobile Subscriber Identity (IMSI) number and subscribes the victim to certain services. Computer security firm Trend Micro said the malware, detected as ANDROIDOS_LUVRTAP.B, can also come across as an e-book reader and a location tracker. But Trend Micro said these apps, which are offered in a China-based third-party app store, should raise suspicion because they ask for too many permissions on the phone or device. “Upon execution, it [malware] retrieves the affected user’s IMSI and sends it to a certain URL (Uniform Resource Locator). It also sends SMS messages to subscribe the user to certain services, eventually leading to unwanted charges for the affected user," it said in a blog post. It also said the malware automatically executes once the Android device is rebooted after installation. Trend Micro said that while the apps have since been taken down from the app store, users should remain cautious in installing applications on their devices. “Take note of their description, make the permission requests are valid, and watch out for any suspicious routines such as the automatic sending of SMS messages," it advised. — LBG, GMA News