Researchers at Russian security company Doctor Web have discovered a new Trojan app for Android which can carry out Distributed Denial of Service (DDoS) attacks on various internet resources.
According to the researchers, the new Trojan app, known as Android.DDoS.1.origin, can send short messages upon a corresponding command from criminals.
Once the new Trojan app is installed, it creates an application icon, similar to that of Google Play, the researchers added.
Researchers said that if the user decides to use the fake icon to access Google Play, the original application will be launched, which significantly reduces the risk of any suspicion.
After its launch, the new Trojan app tries to link to a remote server and if it succeeds it will transmit the phone number of the compromised device to criminals and will then wait for further SMS commands.
According to researchers, supported directives include attack a specified server s well as send SMS and if criminals want the Trojan to attack a server, a command message will contain the parameter [server:port].
After receiving the command, the app starts to send data packets at the specified address and if the malicious program is required to send an SMS, the command message will contain the message text and the number to which it should be sent.
Researchers claim that activities of the Trojan can lower performance of the infected handset and affect the owner, as access to the Internet and SMS are chargeable services.
Researchers said that they are not quite clear yet how the Trojan spreads but most probably criminals use social engineering tricks and disguise the malware as a legitimate application from Google.
Earlier this month, researchers at security company Cloudmark had discovered a new Android phone spam botnet which uses infected handsets to send bulk SMS spam messages without the user’s permission.
