Apparently, it’s one of the largest botnet-based attacks on a mobile platform ever picked up and it’s been used to date in over 60 spyware campaigns.
All things first: What exactly is a botnet?
If you’re wondering what a botnet is, quite simply it’s a number of computing devices that have been infected without their owners knowing anything about it. The computers are then used to launch attacks such as spam email messages, spread viruses, attack computers and servers or root out identity information.
They’re sometimes called ‘zombies’ and it’s easy to see why – they act according the commands given to them. The number of botnet infected computers in the world numbers in the millions. Estimates vary but think 10 million and upwards and you’ll get a sense of the scale.
This mobile botnet has been dubbed MisoSMS and is stealing personal SMS messages and sending them over to China.
Botnet campaign command and control – China
At the moment its activity seems largely confined to Korea. However, 64 mobile botnet campaigns have been launched using MisoSMS. In a sense, this foreshadows the arrival of similar mass scale attacks in other parts of the world. Hackers are generally quick off the mark when it comes to this sort of thing.
Interestingly, MisoSMS is infecting Android devices by deploying malicious apps that masquerade as an Android settings app used for administrative tasks.
When executed, it secretly steals the user’s personal SMS messages and emails them to a command-and-control infrastructure hosted in China.
Apparently, hackers from Korea and mainland China, as well as other locations, are periodically logging into the MisoSMS command and control infrastructure to read through the SMS messages they are scooping up.
We’ve been warning about these type of app-related attacks for some time. This attack vector is growing in popularity – simply because many people download apps onto their mobile devices without thinking. A common trick used by hackers is to hide malicious code in well-known apps, fooling the user into thinking that they are safe.
Mobile Security against botnet
We’re currently running a beta test on BullGuard Mobile Security 2014, just to iron out bugs and make sure it’s ready for launch in February/March 2014. One its features is a sweeping virus scan that picks up infections so users don’t unwittingly become ‘botnet members’ or have their own details scooped up by malware.
Mobile malware is most definitely on the increase as the MisoSMS botnet shows. We’re estimating that it’s only going to become more pervasive and widespread as time ticks by. The opportunities for hackers are too good to pass by. That’s while we all need to be mindful and protective about our online identities and information.