A new Android malware family is infecting smartphones through SMS phishing: the actors behind it send potential victims SMS texts containing links. So far, 300 samples of the malware have been found in the wild. A security expert from Tripwire comments below.
Craig Young, Security Researcher at Tripwire:
“The answer to this and most other SMS-based threats is as simple as not clicking links received from unsolicited SMS or e-mail messages. While there may be little one can do to protect against, for example, 0-day vulnerabilities within the Android media server, most SMS attacks do not leverage any vulnerability other than human nature.
Users who fell victim to this attack not only failed to adhere to this simple principle, but they also granted administrator privilege to the unknown application. In Android, after an application has been installed, it can request that the user grant additional permissions to lower-level functionality on the device. A common ploy I have observed with Android ransomware is that the app will nag the user with constant pop-ups until the user complies by granting Administrator access. Once granted, an app can lock the user out of the device and make itself virtually impossible to remove without the aid of security or debugging tools. The best bet when an app is persistently asking to become an Administrator is to hold the power button to restart the phone and remove the malicious application.
Keeping the options enabled to only install apps from Google Play and to verify apps upon installation will also minimize exposure to such threats.”