Fraudsters distribute Android-Trojan, in the name of service Avito.ru

Experts of "Doctor Web" revealed another way by which cybercriminals attack subjected smartphones based OS Android. Attackers using the name and popularity of the service for free ads Avito.ru, organized newsletter SMS-spam whereby Android-spread Trojan. In the resulting user SMS, allegedly sent a popular service for free ads Avito.ru, reported pop response to previously posted an ad, and was a link that was required to pass for acquaintance with him. Thus, the target audience of this attack, to a greater extent, is a real service customers really expect an answer to your ad. However, after the transition to the specified address instead of the intended web page the user gets to a fraudulent site, you boot from the Trojan Android.SmsSpy.88.origin, which is a SMS-bot.

After installing and running Android.SmsSpy.88.origin prompts the user for access to the administrative features of the mobile device (a very popular current method of self-defense malicious Android-programs), and then removes the icon from the main screen of the operating system. Next, using the SMS-messages, the Trojan sends attackers some general data about the infected mobile device its name, manufacturer, IMEI-identifier information about the operator, as well as the operating system version. The malware then connects to a remote server and waits for commands from a receipt, which may include instructions to start or stop the service to intercept incoming SMS, sending short messages with the specified text to the specified number, the implementation challenges, as well as sending SMS through all available in phonebook contacts.

In addition, attackers can control the Trojan and using SMS-messages. In this form Android.SmsSpy.88.origin able to receive commands to send SMS with the given parameters, and to enable or disable unconditional forwarding for all incoming calls. Thus, having a very typical functionality for sending SMS-messages, the Trojan is released the ability to perform redirection of calls to a specific number of intruders that actually allows them to establish control over all incoming calls. In practice, this gives an opportunity not only to cybercriminals to gain access to a range of confidential information, but also in some cases to implement a number of fraudulent activities.