New mobile malware’s been discovered
NQ Mobile’s Security Research Center has unearthed a nasty piece of malware called “Bill Shocker.” Using our proprietary RiskRanker™ cloud scanning engine, our engineers have confirmed this disturbing discovery.
What makes it shocking? First, it’s potentially one of the most costly viruses yet discovered. In addition, it’s already impacted over 600,000 users in China, and presents a potential threat to Android devices worldwide.
How this particular infection spreads
Bill Shocker is an SDK-type virus (Software Development Kit). Our experts, using NQ’s RiskRanker system, found the virus attached to several of the most popular mobile apps in China, including Tencent QQ Messenger and Sohu News. Third-party online app stores and retail installation channels are distributing the infected versions of these apps, which is allowing them to spread like wildfire.
What Can Bill Shocker Do?
Bill Shocker malware silently downloads itself in the background of your mobile device without your knowledge. It takes remote control of the device, including your contact list, Internet connections, dialing and texting functions. Once it’s turned your phone into a “zombie,” it sends text messages that create financial gains for advertisers. In many cases, the threat will overrun a user’s bundling quota, which subjects you to even more unwanted charges.
NQ Mobile’s RiskRanker system identifies potentially dangerous apps before they have the opportunity to impact users’ phone bills. RiskRanker determined that the Bill Shocker malware is capable of upgrading itself and automatically expanding to other apps, multiplying its potentially disastrous effects.
What we’re doing about it
Because Bill Shocker can be used to send costly messages remotely, NQ Mobile believes it poses a serious threat to Android users.
- We’ve already inoculated our cloud-based NQ Mobile Security product to keep our customers safe.
- As a public service, NQ Mobile has posted an anti-malware app to help protect all Android users. It can be found here.
- Our researchers have alerted Chinese mobile carriers of the threat to prevent the spread of these kinds of threats. We’ve also provided our RiskRanker cloud-scanning engine to China’s top mobile carriers including, China Mobile and China Unicom as well as Baidu Mobile Services, to help them prevent any further spread of malicious mobile viruses.
NQ Mobile technology helps to curb the spread of malware such as Bill Shocker and variants across borders and oceans. However, this is an important reminder that these threats are very real and can have devastating effects. With its proprietary threat detection system that includes the collective intelligence provided by users in more than 150 countries, NQ Mobile finds most threats before anyone else.
Our tips to avoid mobile infection
To avoid becoming a victim of mobile malware, our experts ask you to follow some common-sense guidelines for smartphone security:
1) Only download applications from trusted sources, reputable application stores, and markets, and be sure to check reviews, ratings and developer information before downloading.
2) Never accept application requests from unknown sources. Closely monitor permissions requested by any application; an application should not request permission to do more than what it offers in its official list of features.
3) Be alert for unusual behavior on the part of mobile phones and be sure to download a trusted security application that can scan the applications being downloaded onto your mobile device. NQ Mobile Security users are already fully protected from the “Bill Shocker” threat.
NQ Mobile Security for Android is available for download from our website, and on Google Play.