Smart phones have gotten too smart for their own good. If you’ve kept up with the latest Android news you’ve undoubtedly heard the latest threat: a fake Android app that uses malware to launch Distributed Denial of Service (DDoS) attacks from mobile phones around the world. It even sends out spam text.
Quickly dubbed “Android.DDoS.1.origin”, the threat was first reported by Doctor Web, a Russian antivirus and security firm. The trojan infects mobile phones by disguising itself as the Google Play app. It’s important to note that the app will take you to the Google Play store when activated, a move made by the creators to divert suspicion.
How the Android.DDoS.1.origin Works
The purpose of the Android virus is to hijack mobile phones via a centrally controlled command center operated by the perpetrators. Once your smart phone is infected it will communicate with its hacker-controlled server and sit idly until commands are received. In other words, it languishes on your phone, sucking up resources and draining performance, until the distributed denial of service attack is ready to commence.
The mobile-based DDoS attack is launched when instructions are received via SMS. The target server and port is sent in the command and from there your phone begins sending packets of information to the designated machine. One phone by itself isn’t enough to be successful. The vulnerability relies on the malware spreading to enough Android phones to allow the trojan to release critical mass. The power is in the numbers. Thousands of infected mobile phones targeting one website or server has the ability to affect performance and potentially send the website offline.
Fake Android App Uses Spam to Spread to Mobile Phones
That’s not the only problem. The malware is not only capable of launching sophisticated DDoS attacks – it’s able to send spam text messages. This capability was probably included in the design in order to further spread the malicious trojan virus. More than likely the app will be sending attachments to your contact list in an effort to trick family and friends into installing the app. If you pay for data, or don’t have unlimited texting, you’re paying for these spam texts.
There has been no conclusive evidence pointing towards the motive behind the fake Android app. It possesses the ability to launch DDoS attacks, but it also has the potential for consumer fraud by texting premium numbers owned by the perpetrators. When the text is sent to a premium number data rates apply, and you foot the bill.
Combating the Problem of Mobile-based DDoS Attacks
It appears that the malware hasn’t spread too far. As of yet, there hasn’t been any reports linking the fake Google app to recent DDoS attacks. Much remains to be seen in regards to mobile-based DDoS attacks. Large banks and corporations are struggling combating traditional denial of service attacks as it is now. Most have to outsource DDoS protection to third-party DDoS mitigation companies. This is obviously not a solution for mobile phones. The truth is DDoS attacks are constantly evolving. The best way to combat this new threat is awareness and information-sharing. The faster the knowledge can be released, the quicker the threat can be thwarted and stopped from spreading.