Mobile Malware Dubbed ‘Bill Shocker’ Targets Chinese Android Users

Type threatpost
Reporter Anne Saita
Modified 2013-04-17T16:30:49


Android securityA new bit of malware is targeting popular apps on Android mobile devices to spew costly spam.

Beijing- and Dallas-based NQ Mobile said at least 600,000 Chinese users have been hit with the malicious code named “Bill Shocker” (a.expense.Extension.a) because it runs up the bills of infected users while sending spam messages using their devices. So far, the infection seems contained to China, but its success may pose an international danger based on current traction.

Related Posts

TCP Flaw in Linux Extends to 80 Percent of Android Devices

August 15, 2016 , 5:10 pm

Google Patches Dozens of Critical Qualcomm Components Flaws

August 1, 2016 , 2:00 pm

Google Details Linux Kernel Defenses, New and Old

July 28, 2016 , 1:23 pm

Thus far the Trojan has infected popular mobile apps like Tencent QQ Messenger and Sohu News sold in third-party online stores. Once a user downloads an infected app on an unprotected phone, Bill Shocker enters surreptitiously and takes remote control to, among other things, rummage through contact lists and messaging apps to send spam via text messages that eventually trigger overage charges on the unsuspecting user’s account.

The company’s determined that the malware can update itself and “automatically expand to other apps, multiplying the potentially disastrous effects,” according to a blog post.

NQ Mobile advises smartphone users to use caution to avoid infection. They include downloading apps only from trusted sources, closely monitoring permissions and phone activity for any unusual behavior.