Understanding the Android SMS Virus “Selfmite”

October 22, 2014 | By Natasha Devotta

Selfmite is a worm, a category of computer virus. A worm contains malicious code that uses system networks to replicate itself. Worms are a major threat to computers and network systems. Worms do not require human intervention, whereas viruses do.

Many viruses have been created by developers for malicious purposes. Recently, Android phones have been known to be infected by a malicious worm called Selfmite.b.

What is Selfmite.B?

Selfmite.b is a worm that infects an Android device and presents unwanted ads to the user of the compromised device. It is sent through SMS.

Android Selfmite.b was found and identified earlier this month, on October 10, 2014. So far, only a few devices have been infected. Fortunately, removing this worm is very easy.

Android Selfmite.b affects only devices that run the Android operating system. It uses a simple mechanism to infect the system and access the user's contact list, and then uses that contact list to spread to other devices.

A few months back, Android Selfmite.A was identified installing an unauthorized app to replace the existing Android software. It also pulled out the first 20 contacts and sent its own infectious content to those contacts via SMS.

Now Selfmite.b has been found as a variant of Selfmite.A, disguised as a Google Plus app.

How does it work?

How does it works?

Sending SMS:

Selfmite.b is less virulent than a similar Android virus, Andr/SmsSend-FA, which is also known as Heart App. This type of malicious code makes the most of SMS by screening the first 99 contacts and sending infectious SMS messages to them. The most common texts used by Selfmite.b in its SMS messages are “Hi buddy” and “Hey, try it”.

The SMS links were not found to be very specific, and depend entirely on a URL shortening service that works by means of an HTTP redirect. If you come across such messages on your Android device, please do not open them, and delete them immediately. Beware that they may appear to come from your friends.

Self Protection:
Selfmite.b copies the self-protection aspect of another variant of FBILock-A malware that was identified in July, after Selfmite.a.

It does this by registering as a new Android device administrator, a security-based feature meant to enhance safety measures.
With this method, the crooks make removal of the malware more difficult.

If you now go to the menu options, head to Settings and tap on the fake Google Plus app icon, you will not be able to uninstall the app, because of its administrator privileges.

Now, how to sort it out?

To solve this mind-breaking puzzle of insecurity you should:

  1. Go to the Settings options,
    a) click Security
    b) choose the Device administrators option
    c) choose the Deactivate option. The malware’s administrative privileges get deactivated.
  2. Remove the app by going to Apps in the Settings menu.

More on revenue generation – Selfmite.b:

Selfmite.b was created mainly to make money, not just to create havoc for the victim.

  • It might contain a URL that helps you to download a graphical icon
  • A name relating to that icon
  • A URL that redirects you to a page once the icon is clicked

Clicking the icon produces revenue for the hackers.

The icon belongs to malware that is programmed to extract personal data from your Android device. It also gains access to the smartphone’s IMEI (International Mobile Equipment Identity), and can view the user’s contact list.
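The behaviours described above (reading contacts, sending SMS, reading the IMEI, registering as a device administrator) all have to be declared in an app's manifest, so they can be checked before installation. The following is an added example, not code from the original article or from Comodo: it assumes the APK's AndroidManifest.xml has already been decoded to text XML (for instance with apktool), and the function name, package name and sample manifest are hypothetical.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"
# Permissions matching the behaviours the article describes.
BEHAVIOURS = {
    "android.permission.READ_CONTACTS": "reads the contact list",
    "android.permission.SEND_SMS": "sends SMS",
    "android.permission.READ_PHONE_STATE": "can read the IMEI",
}
ADMIN_PERMISSION = "android.permission.BIND_DEVICE_ADMIN"
ADMIN_ACTION = "android.app.action.DEVICE_ADMIN_ENABLED"

def triage_manifest(manifest_xml):
    """Return which Selfmite-like capabilities a decoded manifest declares."""
    root = ET.fromstring(manifest_xml)
    requested = {p.get(ANDROID + "name") for p in root.iter("uses-permission")}
    findings = [why for perm, why in BEHAVIOURS.items() if perm in requested]
    # Device admin = receiver guarded by BIND_DEVICE_ADMIN handling DEVICE_ADMIN_ENABLED.
    admins = []
    for receiver in root.iter("receiver"):
        actions = {a.get(ANDROID + "name") for a in receiver.iter("action")}
        if (receiver.get(ANDROID + "permission") == ADMIN_PERMISSION
                and ADMIN_ACTION in actions):
            admins.append(receiver.get(ANDROID + "name"))
    if admins:
        findings.append("registers a device administrator")
    # Contacts + SMS allow self-propagation; device admin adds self-protection.
    spreads = {"android.permission.READ_CONTACTS",
               "android.permission.SEND_SMS"} <= requested
    return {"package": root.get("package"), "findings": findings,
            "admin_receivers": admins, "worm_like": spreads and bool(admins)}

# Constructed sample manifest (hypothetical package, not the real sample).
SAMPLE = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.fakeplus">
  <uses-permission android:name="android.permission.READ_CONTACTS"/>
  <uses-permission android:name="android.permission.SEND_SMS"/>
  <uses-permission android:name="android.permission.READ_PHONE_STATE"/>
  <application android:label="Google Plus">
    <receiver android:name=".AdminReceiver"
        android:permission="android.permission.BIND_DEVICE_ADMIN">
      <intent-filter><action android:name="android.app.action.DEVICE_ADMIN_ENABLED"/></intent-filter>
    </receiver>
  </application>
</manifest>"""

if __name__ == "__main__":
    print(triage_manifest(SAMPLE))
```

A legitimate messaging app can also request contacts and SMS permissions, so the `worm_like` flag is a prompt for closer review, not a verdict.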

A simple way to avoid such troubles is to rely on Comodo. Comodo offers a wide range of security products, including Comodo Antivirus for Android.

Save your Android smartphones using Comodo Internet Security products!
