Oh Google Android, you’re growing up so fast. It seems like just yesterday that you got official support for WiFi tethering and stared activating on about 200,000 handsets per day. Now it looks like you’re the target of hackers.
Computer security firm Kaspersky says it’s detected the first SMS Trojan designed to infect Android smartphones, and it’s already been found in the wild, having infected “a number of mobile devices.”
The Trojan is called Trojan-SMS.AndroidOS.FakePlayer.a, and it disguises itself as a media player app. Users are asked to install a 13KB APK file. Once it’s installed, the Trojan stats sending text messages to premium numbers without letting you know. In other words, charges will show up on your monthly phone bill for money you unwittingly paid to the accounts of the folks behind the malware. Right now, ReadWriteWeb reports that only Russian Android users are actually losing money after installing the app, but that could change in the future.
Here’s the good news: This particular Trojan won’t install automatically. You have to actively install the application. Although it’s likely that FakePlayer will continue to disguise itself as other third party software, you can often avoid this sort of infection by paying close attention to the permissions an app requests when you click the install button.
Kaspersky plans to launch security software for the Android platform next year, and Norton has already launched a Security suite for Android devices. Malware is definitely a growing problem in the mobile phone space — but right now it’s not a particularly large or widespread problem. Most Android spyware and malware, for instance, can be avoided by paying attention to the apps you install.