A new Android Malware surfaced today named UpdtBot. It disguises itself as a system upgrade and spreads via SMS messages, which contain a link to the malicious application file. Once installed, UpdtBot registers a remote Command and Control (C&C) server, which instructs the infected device to send text messages, make phone calls, and download and install apps.
NQ Mobile estimates that up to 160,000 devices may already be infected, but is unsure as to how it is being used by those that spread the infection. Their guess is that it is being deployed for use in some sort of moneymaking scheme. However it looks initially as if these infections are mainly on Chinese mobiles. There are no current reports that the malware has made its way into Google Play or the Amazon Appstore.
- Never follow links in emails or SMS messages from untrusted sources.
- If an offer (called the link bait) sounds like it is too good to be true, it probably is.
- Download apps from trusted app markets, and always look at the reviews and ratings.
- Be on the look out for strange charges to your phone bill.
Some days ago a malware was surfaced which Can Remotely Root Phones Without Permission.
Source: NQ Mobile