MisoSMS Malware Steals Data from the Mobile Phone

MisoSMS Masquerades as Google VX

There, caution is advised: the security company FireEye has discovered a very large and advanced Android botnet, which is hidden away deep in the operating system of the phone. The botnet MisoSMS clever disguises itself as “Google Vx”, sniffed around, and forwards all messages to criminals in Asia. MisoSMS is infected apps on the phone. FireEye according to most virus scanners have not recognized it.

The malware MisoSMS comes with infected apps on the phone and then forwards SMS short messages to criminals. How it works: If the user wants to install the app on his cell phone, she asks for the first time after the administration rights. Once the user has confirmed they malware MisoSMS the error message pops up, that the app does not properly has can be install and is therefore deleted. This is however just a fake: MisoSMS malware is hidden in truth only on the phone from the users. Most other variants of malware send the SMS of the user in the background on the phone. Not so MisoSMS: the malware MisoSMS sent the of of short messages to one of 450 previously known email addresses. In addition to the telephone number and the contents of the SMS informs the thieves over the date and the device ID of the mobile phone MisoSMS and sends this data then collected on the E mail addresses.

FireEye according to the infected with the malware apps via VirusTotal by various anti-virus tools were tested the security company, but MisoSMS was discovered only by the very few antivirus programs. The criminals who are behind the malware MisoSMS, login with the spied out data from China and Korea to the mail accounts. They are so far above all in Korea, but that doesn’t mean that the malware to us moves.