“MSO.PJApps” Android virus identified in China

Mobile security service provider NetQin Mobile ("NetQin") has announced that a new virus on Android devices was identified by the company. The virus, named "MSO.PJApps," causes leakage of private data and subscribes to fee-charging services without user's awareness, causing financial losses to mobile users. NetQin Mobile responded to the security threat within 12 hours of identifying suspicious behavior from the Android virus and updated its virus database to ensure that Android device users get timely protection.

The virus was repackaged into the most popular mobile applications available for download from a popular application download site in China. Once installed on a mobile device, without the device user's consent or awareness, the virus surreptitiously connects to certain sites and sends text messages containing the mobile device's IMEI number and other data to designated numbers controlled by a remote server. In addition, the virus receives commands from the remote server to download and install software without user's awareness. All these malicious actions may lead to unintended service subscription charges, cause financial losses to users and expose users to other mobile security threats.

The "MSO.PJApps" virus is injected into legitimate mobile applications and modifies the application entry in Manifest.xml to add certain modules. It is activated in the background with a change in signal and when the relevant program starts automatically. It encrypts the domain names of the site which is connected to. The virus author disguises the malicious URLs as being encrypted with BASE64, while the URLs are actually encrypted with an algorithm designed by himself, according to the Mobile Security Center of NetQin Mobile Inc.

NetQin Mobile has offered mobile security solutions using its extensive resources, including updated mobile security knowledge repository, client-side malware scanning, online malware scanning engine services and an application download site to protect NetQin users from the latest mobile security risks. There are many ways to protect a mobile device from viruses; the mobile security service provider suggests:
+ Download applications only from trusted sources, reputable application stores and markets, and be sure to check reviews, ratings and developer information before downloading.
+ Never blindly accept application requests. Closely monitor permissions requested by any application; an application should not request permission to do more than what it offers in its official list of features.
+ Download a trusted security application that can scan the applications being downloaded onto any mobile device. NetQin Mobile Anti-virus users are already fully protected from the "MSO.PJApps" threat. NetQin Mobile Anti-virus 4.2 for Android is available for download at http://www.netqin.com/en/antivirus and on Android Market.