Kaspersky Lab has detected a new mobile Trojan that targets Android devices while camouflaged as an innocent game of Tic-Tac-Toe. The Gomal Trojan collects information about the devices it infects and sends all that data to its master server. But this malicious program also has new functions that are rarely seen in this type of malware.
Gomal camouflage
FREE Webinar on Oct. 21 at 3:30pm EDT: The Top 3 Threats to Retail IT Security and How You Can Defend your Data
“This seemingly harmless game of TicTacToe gives cybercriminals access to an enormous amount of the user’s personal data and corporate data belonging to his employer. The techniques used by Gomal were originally implemented in Windows Trojans, but now we can see they have moved on to Android malware. What’s more alarming is that this technique can be adapted to steal data from other applications as well as Good for Enterprise. It is therefore likely that a range of mobile malware designed to attack popular email clients, messengers and other programs will appear in the near future,” says Anton Kivva, antivirus analyst at Kaspersky Lab.
To reduce the risk of infection by mobile malware we recommend that users:
· Do not activate the “Install applications from third-party sources” option.
· Only install applications from official channels (Google Play, Amazon Store, etc.).
· When installing new apps, carefully study which rights they request.
· If the requested rights do not correspond with the app’s intended functions, do not install the app.
· Use protection software.
More details about the Gomal Trojan are available at Securelist.com.
About Kaspersky Lab
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.