A new piece of Android malware dubbed “Bill Shocker” has been discovered in China, after infecting some 620,000 users in the country. The threat is capable of SMS spamming from the infected device, offering remote control for the malware authors, collecting personal information, and even upgrading itself to newer versions with more functionality.
The findings come from the security research firm NQ Mobile, which used its RiskRanker cloud scanning engine to figure out Bill Shocker is more than your basic piece of Android malware. It comes as a kit designed by malware developers to infect several of the most popular apps in China, including Tencent QQ Messenger and Sohu News. The infected versions of these apps are then distributed by third-party online app stores and retail installation channels, according to the company.
Once you install an infected app, Bill Shocker is downloaded to your device in the background. The malware authors can optionally take remote control of your device, including the contact list, Internet connections, dialing, and texting functions.
From there, Bill Shocker uses the device to send spam text messages so that those behind the scheme can generate revenue from advertisers. In many cases, NQ Mobile said the threat surpassed users’ texting quotas, subjecting them to additional charges.
NQ Mobile has alerted Chinese mobile carriers of the threat to prevent its further spread and is offering a free anti-malware app to help protect all Android users. You can download it directly from here.
It’s worth noting that while 620,000 mobile users is nothing to scoff at, it’s actually less than 0.25 percent of the total number of Android users in China. This is hardly an epidemic.
Nevertheless, the security firm has offered the following common-sense tips to avoid having your Android phone getting infected with malware:
- Only download apps from trusted sources, reputable application stores, and markets; check reviews, ratings, and developer information first.
- Never accept application requests from unknown sources, and closely monitor requested permissions.
- Be sure to install a trusted security app that can scan other apps you download.
In short, stick to the Google Play Store. While threats like this one are rare, when they do occur, it’s almost always thanks shady third-party app stores.
See also – Android malware surged in Q3? Sure, but only 0.5% came from Google Play
Image credit: Flavio Takemoto
Get the TNW newsletter
Get the most important tech news in your inbox each week.