Android Malware App Secretly Sends Multiple Texts

Security software vendor Symantec has issued an advisory about a malicious new Android app that sends text messages without users' knowledge, leading to costly bills.

The company said that the Steamy Windows app has been modified by Chinese hackers with a backdoor trojan and released into the wild.

The app is available through various third party Android app stores across the web and is being downloaded by unsuspecting Android users.

Vikram Thakur, a principle security response manager at Symantec, explained that the Android.Pjapps trojan virus found in the app is capable of installing other malicious apps on the infected device, manipulate a device's web browser bookmarks, redirect users to a malicious website and send text messages in huge quantities, resulting in high texting bills.

Hackers are minting money on a commission basis by remotely sending text messages to premium rate numbers. The malware is capable of monitoring in-bound text messages and preventing users from getting notifications from their service providers that they have crossed their free messages quota.

“For someone who knows what they're doing - and it seems these people have a good understanding of how apps are coded - I'd put this in the 'trivial to do' category. The last few months, it seems to be ramping up,” Thakur said.