This post is also available in: עברית (Hebrew)
Russian text messages containing links to android-based malware began reaching users all over the world recently, including Israel.
A new malware is spreading through text messages appearing to come from people you may know. The message containes a smiley and russian text inviting users to click an attached link, which supposedly leads to a picture. “Hello, a picture for you:” and a link to the malware itself. The head of the cyber branch at the Israeli Ministry of Internal Security sent this warning to ministry employees: “Recently a new worm malware came to our attention, infecting android devices around the world over the last few hours. It even infected a few devices in Israel. Its method of attack: The virus operates from an infected mobile device, sending a message to all contacts containing a link to a website and several illegible letters. Clicking the link installs a malicious software on the device which then begins uploading personal information to the internet. Do not click the attach link. If you receive this message delete it immediately.”
“This is a relatively simple malware. All it does is send text messages to premium numbers, right now it appears that it doesn’t actually steal information stored on infected devices.” This according to Alon Goldfiz, senior systems engineer at Fortinet, in an interview with . “The messages reached thousands of users in Israel. The exact origin of the malware is unknown, but its operators are definitely from Russia because the server the link leads to is Russian. Since the virus spreads to personal contacts it probably reached many Israeli users with family or friends in Russia, and from there spread to thousands of additional users in Israel.”
Recently there have been more and more incidents of malware spreading through mobile devices and social networks. Information concerning these threats usually comes from private information security companies rather than official law enforcement organizations who deal with these issues. In many cases even when these organizations are aware of the threat they choose not to make it known to the public. If the Israeli Internal Security Ministry was aware of the problem why didn’t it report the threat in order to warn the general public, and instead only warned its own employees? Ministry representatives explained that “The Internal Security Ministry is not in charge of handling these issues on the national level. It’s the responsibility of the General Security Service, Prime Minister’s Office and National Cyber Command.”
“Viruses aimed at android devices are a recent phenomenon. Over the last year several similar viruses popped up, some stealing information and some stealing calls. Cellular viruses are definitely on the rise and are sure to draw a lot of attention from the industry,” concluded Goldfiz.