Kaspersky Lab specialists have detected several samples of dangerous malware targeting Android owners which use GCM to receive commands from the fraudsters. For example, Trojan-SMS.AndroidOS.FakeInst.a can send text messages to premium numbers and delete incoming messages, or create shortcuts to malicious sites and show notifications containing adverts of other malicious programs that are distributed in the guise of useful applications or games. Trojan-SMS.AndroidOS.OpFake.a, in addition to sending text messages to premium numbers, can steal messages and contacts, delete incoming messages and commit a host of other crimes.Roman Unuchek, Senior Malware Analyst at Kaspersky Lab is not surprised by the appearance of malicious programs that use the Google service. He said: “It would be strange if virus writers were not taking advantage of the opportunities offered by this service. At present, there is not much mobile malware using GCM, but some of the programs are already quite popular. They are widespread in some parts of Western Europe, the CIS and Asia. The only way to block these channels of communication between the virus writers and their malware is to block the accounts of those developers whose IDs are used when registering malicious programme. We have informed Google about the detected GCM-ID which are used in malware".
Kaspersky Lab is the world’s largest privately held vendor of endpoint protection solutions. The company is ranked among the world’s top four vendors of security solutions for endpoint users*. Throughout its more than 15-year history Kaspersky Lab has remained an innovator in IT security and provides effective digital security solutions for large enterprises, SMBs and consumers. Kaspersky Lab, with its holding company registered in the United Kingdom, currently operates in almost 200 countries and territories across the globe, providing protection for over 300 million users worldwide.