Symantec has discovered a rogue Android app that can hijack a smartphone and run up big texting bills before the owner knows it. The free Steamy Windows app has been modified by Chinese hackers and then re-released into the wild.
The cyber criminals grabbed a copy of Steamy Windows, then added a backdoor Trojan horse … to the app’s code. The reworked app is then placed on unsanctioned third-party ‘app stores’ where unsuspecting or careless Android smartphones find it, download it and install it.
The malware can install other applications, mess with the phone’s browser bookmarks and send text messages to premium rate numbers.
Steamy Windows is just the newest in a line of compromised Android apps. Last month, researchers discovered a Trojan dubbed HongTouTou that is repackaged in popular Android apps and distributed through alternative Chinese app markets and forums.