Symantec thinks that the reason the malware wasn't discovered until a few weeks later was because it used an outside service to download the main package.
Symantec's blog states:
In the case of Android.Dropdialer, the first stage was posted on Google Play. Once installed, it would download an additional package, hosted on Dropbox, called ‘Activator.apk’. This additional package sends SMS messages to a premium-rate number. An interesting feature of the secondary payload is that it prompts to uninstall itself after sending out the premium SMS messages—an obvious attempt at hiding the true intent of the malicious app.This newest malware discovery shows that people should be careful about downloading any app, even on authorized download services.
0 comments:
Post a Comment