Cybercrooks using Google Cloud Messaging to target Android
Cybercriminals have started targeting Android devices using the Google Cloud Messaging (GCM) service, according to research from Kaspersky Lab.
The GCM service allows Android-based app developers to communicate with their programs installed on users’ devices, sending information ranging from notifications to application commands.
But cybercriminals have discovered that they can use GCM in place of command and control servers to manage infected Android devices. They can access GCM simply by registering developer accounts with Google.
Kaspersky Lab has detected samples of a piece of malware that uses GCM. Trojan-SMS.AndroidOS.OpFake.a can send SMS to premium numbers without users’ knowledge, steal messages and contacts, delete incoming messages and create shortcuts to malicious sites.
Due to the capabilities of GCM, Kaspersky Lab senior malware analyst Roman Unuchek said the surprise would be if malware writers were not making use of the service.
“The only way to block these channels of communication between the virus writers and their malware is to block the accounts of those developers whose IDs are used when registering malicious programs,” he said.
Kapersky Lab ANZ technical manager Sam Bryce-Johnson added that local consumers and businesses will face more Android threats as the platform increases its dominance in the Australian smartphone market.
Emergency onboarding: what to do before and after a data breach
Organisations that have an emergency onboarding plan are better positioned to have their business...
Savvy directors are demanding more points of proof when cyber incidents occur
Pre-agreement on what a post-incident forensics effort should produce — and testing it out...
Cyber-attack prevention is better than a cure
Corporate and political decision-makers need to invest in areas that do a better job of...