News

Chinese Android game The Roar of the Pharaoh acts a vector for premium SMS malware

Steals your info, drains your wallet

Chinese Android game The Roar of the Pharaoh acts a vector for premium SMS malware
|

Anti virus software company Sophos has reported a new trojan in the world of Android gaming.

It shows how sophisticated scammers are becoming as it's attached to a legitimate Chinese game - The Roar of the Pharaoh.

As there's no official Google Play marketplace in China, all Android distribution happens through over a hundred operator, OEM and aggregator app stores, which aren't always well administrated.

Sophos has identified the malicious program as Andr/Stiniter-A which piggybacks onto a user's device along with the download of The Roar of the Pharaoh.

What makes the trojan unusual from other malicious programs is that it does not ask the user for any specific permissions during installation - it simply sets itself up and runs happily in the background.

Insane in the membrane

After download, the trojan harvests information about the phone (IMEI, phone model, screen size, platform, phone number, and OS version) and sends it to the authors of the malicious program.

Worse still, Andr/Stiniter-A will then use the infected phone to send text messages to premium rate SMS numbers and is fully capable of reading your incoming and outgoing texts as well.

Those with experience at disinfecting and troubleshooting a compromised device will find Andr/Stiniter-A a tough nut to crack - or even detect as it masquerades as a generic service called GameUpdateService in order to deflect suspicion.

Once again, it underlines the importance of only downloading content from official sources, especially on Android devices.

[via: Sophos]

Matthew Diener
Matthew Diener
Representing the former colonies, Matt keeps the Pocket Gamer news feed updated when sleepy Europeans are sleeping. As a frustrated journalist, diehard gamer and recovering MMO addict, this is pretty much his dream job.