Latest Android malware makes Anonymous calls through Google Talk, sends SMS messages and steals personal data masquerading as a simple stopwatch app!
As technology giants are gearing for superior security, cybercriminals are also acquiring new tactics to attack users. In their latest scam, cybercriminals have developed an Android malware that has the ability to make malicious calls through Google Talk.
The malware dubbed as Android/Trojan.Pawost was actually found infecting a stopwatch app on Google Play store and upon installing it used Google Talk to call on unknown numbers with an area code of 259. That’s not all, the malware has the ability to send SMS messages and even block incoming SMS messages.
Further analysis from Nathan Collier of Malwarebytes revealed the 259 area code is unassigned to any region in the United States and considered to be invalid. Pawost originates from China and for now, it may have been only targeting Chinese users.
Collier also found that Pawost does more than just calling. It gathers user’s personal data, it also steals the International Mobile Subscriber Identity or IMSI, International Mobile Equipment Identity or IMEI, and Chip/Smart Card Interface Devices or CCID that is used for operating USB connected Credit Card readers. On top of all this, it steals details about other installed apps and the version of the infected smartphone and sends them to a remote server.
Researchers are still studying Pawost and it’s origin. So far it looks like a one of its kind malware that will definitely come up with more techniques and abilities to further damage Android devices.
Stay tuned we are in contact with Malwarebytes to get detailed analysis on this malware.