Friday, 16 August 2013

Yet another free service for Android developers

Google Cloud Messaging is a great way for developers to manage legitimate applications - but the service has proved to be an unwitting accomplice to cybercrime. Kaspersky Lab has detected several popular malicious programmes which use GCM as a cheap and easy communication channel with the crooks which created them, says a company statement.Google Cloud Messaging (GCM) allows application developers to communicate with programs installed on the users’ smartphones and tablet. They can send a range of information, from ordinary notifications to commands for the applications themselves. The service is used for locating stolen phones, remotely configuring phone settings, mailing messages about new game levels or goods and more.This service was developed to make it easier for Android-based app developers to support programs downloaded and installed on users’ devices. Thanks to Google Cloud Messaging (GCM), the authors of the programs do not need to build their own IT infrastructure to do this. However, GCM has its attractions for cybercriminals, who have started to use it to replace Command and Control servers. This makes it quicker and cheaper to manage infected Android devices, simply by registering on the Google service.
Kaspersky Lab specialists have detected several samples of dangerous malware targeting Android owners which use GCM to receive commands from the fraudsters. For example, Trojan-SMS.AndroidOS.FakeInst.a can send text messages to premium numbers and delete incoming messages, or create shortcuts to malicious sites and show notifications containing adverts of other malicious programs that are distributed in the guise of useful applications or games. Trojan-SMS.AndroidOS.OpFake.a, in addition to sending text messages to premium numbers, can steal messages and contacts, delete incoming messages and commit a host of other crimes.Roman Unuchek, Senior Malware Analyst at Kaspersky Lab is not surprised by the appearance of malicious programs that use the Google service. He said: “It would be strange if virus writers were not taking advantage of the opportunities offered by this service. At present, there is not much mobile malware using GCM, but some of the programs are already quite popular. They are widespread in some parts of Western Europe, the CIS and Asia. The only way to block these channels of communication between the virus writers and their malware is to block the accounts of those developers whose IDs are used when registering malicious programme. We have informed Google about the detected GCM-ID which are used in malware".

Kaspersky Lab is the world’s largest privately held vendor of endpoint protection solutions. The company is ranked among the world’s top four vendors of security solutions for endpoint users*. Throughout its more than 15-year history Kaspersky Lab has remained an innovator in IT security and provides effective digital security solutions for large enterprises, SMBs and consumers. Kaspersky Lab, with its holding company registered in the United Kingdom, currently operates in almost 200 countries and territories across the globe, providing protection for over 300 million users worldwide.

1 comment:

  1. Hi. I really enjoyed my brief visit on your site and I’ll be sure to be back for more.
    Can you please consider placing my website on your link list?

    Please email me back.