A new version of the Selfmite SMS worm has been detected, which sends messages to a user’s entire contacts book in a loop.
Security company AdaptiveMobile said that more than 150,000 spam messages have been sent during the past 10 days from over 100 devices in 16 countries. The company said this is 100 times greater than Selfmite.a, the original version of the bug.
Users’ smartphones are infected if they click on the URL contained within a text and then download and install the Android application package. Smartphone owners are directed to an app on the Google Play store or redirected to unsolicited subscription sites. AdaptiveMobile said Selfmite.B is more sophisticated than its predecessor, which was first identified in June, and varies content according to a user’s IP address.
Once activated, victims continue to receive spam SMS until the originator’s operator detects and blocks the messages or the user uninstalls the malware.
Denis Maslennikov, Security Analyst at AdaptiveMobile, commented: “This is Selfmite returning on steroids. It’s more aggressive self-propagating capabilities means more victims. In addition, it uses multiple links to engage with users, increasing its monetization potential. This additional level of complexity makes Selfmite.b a real concern for both mobile carriers and users.”
A report last month from Alcatel-Lucent found that attacks on Android devices were on the increase, with 15 million smartphones infected during the first half of 2014.
Mobile malware infections rose by 17 percent during January and June, almost twice as fast as the increase seen across the whole of last year. Consumers were facing an increased risk of data theft and bill shock.