Carrier IQ breach via Android app malware
The Carrie IQ controversy rears its ugly head again today with news that Carrier IQ software is being search for by a new Android malware that is targeting smartphone users in France and the Android Trojan app is called Android.Qicsomos and is apparently spread via spam or phishing.
According to an article over on Gadgets, by way of the Symantec Blog, the Android.Qicsomos is a modified version of an open source project meant to locate Carrier IQ but has additional code to dial a premium SMS number.
Apparently the Trojan isn’t on the Android Market, but shows up in the handset menu with an icon that resembles a major European telecom operator.
According to the Symantec researcher Irfan Asrar, “We cannot find any trace of this on the Android Market, which leads us to believe there may be a social engineering vector being used to spread the malware, such as a spam or phishing campaign pretending to be from an official carrier asking the users to download and run the software.”
Asrar advises that the safest way to get rid of the offending app is to uninstall it via the application management settings in the main menu and further says that the app contains a certificate published via the Android Open Source Project, but only older handsets might be fooled, whilst most commercial devises shouldn’t be affected.
Apparently the malicious code works when the button called “DÃ©sinstaller” is pressed within the app and once activated shoots off 4 SMS messages to 81168, which is a premium rate number.
Feel free to let us know if you have been affected by this Android.Qicsomos malware by posting to our comments area below.
If you have enjoyed this Phones Review article feel free to add me to your circles on Google+ and I will of course add you back.