toggle

AAPL Stock: 109.27 ( -1.1 )

Printed from http://www.macnn.com

New Android malware aims at custom ROM users

updated 06:50 pm EDT, Thu June 16, 2011

Android trojan jMSMHider attacks non-stock ROMs

A new instance of Android malware was found late Wednesday that attacked those running custom firmware on their phones. The jSMSHider takes advantage of most unofficial ROMs using a publicly listed key from the Android Open Source Project to trick them into loading apps without permission, according to Lookout Internet Security. Infected code carries a hidden arsenal that talks to an outside server and can send or receive SMS messages without permission, install other apps, or load web links in the web browser without informing the user.

Even those that don't install the extra content are still likely to face the SMS and web exploits, the anti-malware firm said.

No mention was made of which firmware was directly at risk, although it did include older versions of CyanogenMod. An update to the most recent version of CyanogenMod 7 should patch the hole. All of the rogue apps are so far in Chinese stores working outside of Android Market and out of Google's control.

The impact of the trojan isn't expected to be as rampant as for other Android malware attacks given that only a small portion of Android users go beyond what Google or the phone designer implemented. The exploit nonetheless creates added risk and diminishes claims that rooting an Android phone gives it an advantage not just over stock ROMs but over iOS.

iOS has been subject to malware attacks, but so far only on jailbroken devices where, like root on an Android phone, apps were given explicit permission to run without being checked.




by MacNN Staff

toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

Follow us on Facebook

toggle

Most Popular

Advertisement

Recent Reviews

Blue Yeti Studio

Despite being very familiar with Blue Microphones' lower-end products -- we've long recommended the company's Snowball line of mics ...

ZTE Spro 2 Smart Projector

Home theaters are becoming more and more accessible these days, but maybe you've been a bit wary about buying a home projector. And h ...

MSI Geforce GTX 970 100ME

When Nvidia announced a new line of video cards in September 2014, many people thought things would continue to be business as usual i ...

toggle

Most Commented