NetQin Mobile, a provider of mobile Internet services with focus on security, has identified a new virus on Android devices, named ‘MSO.PJApps’.
The new virus causes leakage of private data and subscribes to fee-charging services without user’s awareness, causing financial losses to mobile users.
The company said that the virus on Android device was repackaged into the most popular mobile applications available for download from an application download site in China.
Once installed on a mobile device, without the device user’s consent or awareness, the virus surreptitiously connects to certain sites and sends text messages containing the mobile device’s IMEI number and other data to designated numbers controlled by a remote server.
In addition, the virus receives commands from the remote server to download and install software without user’s knowledge.
The company said the MSO.PJApps virus is injected into legitimate mobile applications and modifies the application entry in Manifest.xml to add certain modules and is activated in the background with a change in signal and when the relevant program starts automatically.
The company suggests mobile security service providers to download applications only from trusted sources, reputable application stores and markets, and to check reviews, ratings and developer information before downloading.
