Indian Cyberspace has been hit by a new malware that affects devices that targets pre-Jelly Bean devices. The malware steals SMSes as well as other sensitive information from the users device.
Internet security sleuths have warned Android smartphone and tablet users to be careful of the virus. The malware steals personal information like email addresses, IMEI numbers, SMSes and installed apps. The malware can even make calls or send SMS without the users knowledge. This could be dangerous for those who receive OTPs and other confidential information on their cell phones and will make it easy for attackers to transfer funds from the users accounts if they manage to steal the user ID and password as well.
The Computer Emergency Response Team-India (CeRT-In) said in its latest advisory to Android users in the country:
"It has been observed that a critical vulnerability exists in Android which could allow attackers to inject malicious code into legitimate applications which makes it possible to change an application's code without affecting the cryptographic signature of the application, essentially allowing a malicious author to trick the Android device into believing that the crafted application is unchanged."
The cyber police has suggested some counter measures against the virus like checking for the permissions required before installing an application, to exercise caution while visiting un-trustworthy sites and run a full system scan through a device with a mobile security solution. The cyber crime sleuths added that the apps should be downloaded from reliable sources like the Google Play Store and not from un-trust worthy sources.