Mobile security researchers have discovered a server located in Germany that hosts more than 1,300 websites dedicated to distributing mobile malware as threat to mobile users continue to escalate.
The revelation comes amid signs of the increasing threat to the Android platform.
The German server hosts five categories of sites, based on the guise they use for distributing the malicious code: Android Market apps; Opera Mini apps, pornographic apps; app storage sites; and others that were inaccessible during the time of checking, said Paul Pajares, a fraud analyst with Trend Micro.
“[These] sites that are used to launch mobile malware, targeting Android OS and Symbian,” said Pajares.
Earlier this week, Xuxian Jiang, a computer scientist at North Caroline State University posted details of a new piece of Android-based malware, dubbed RootSmart.
RootSmart is notable because it appears to be one of the first examples of botnet malware targeted at Android handsets.
Once installed, the malware will surreptitiously contact command and control servers and attempt to download a root exploit, known as GingerBreak.
Analysis of RootSmart by Cathal Mullaney, at Symantec, suggests that the malware has been used to send premium rate SMS.
“We can see the botmaster is generating anywhere between $1,600 to $9,000 per day and $547,500 to $3,285,000 per year the botnet is running,” said Mullaney.
The malware comes bundled with a legitimate application for configuring phone settings that is available via a third-party app store. It has not yet been spotted in Google's official Android Market.
And, yep, it'll run Android rather than RiscOS
US engineering giant's cost-cutting outsourcing plan is on the rocks, according to insiders
HP Envy X2 laptop only affordable if you've got loadsamoney
Counterfeit code-signing certificates enabling hackers to hide malware being sold by cyber criminals
Certificates can be used as part of layered obfuscation to evade detection by anti-virus software