There might be something creepy crawly in your Android device. Selfmite is a new Android worm that installs malware on your device. It's a no good, very bad worm, but luckily, it has been caught before it makes too much trouble.
Discovered by security firm AdaptiveMobile, Selfmite is passed through text messages, pulling names from the contact book. The texts include a shortened URL that leads to the worm and appears as so:
"Dear [contact name], Look at the Self-time, goo.gl..."
The malware is installed immediately, and passes the same text to twenty contacts in your address book. From there, the vicious cycle of evil URLs continues.
The "goo.gl" link contains an Android application package file, innocently titled "TheSelfTimerV1.apk." When it's installed, it appears as an app called "The Self-Timer." In our selfie obsessed world, a self timer is a useful and heavily used application, but this particular one will not help your selfie game.
Selfmite then displays an innocent looking invitation to the app Mobogenie, which is a legitimate application. Mobogenie allows users to link their Android devices and computers, as well as access an alternative app store. It's a relatively popular app, with a great referral program. If you refer someone, and they begin using Mobogenie, you get a kickback. This is why the attackers promoted the download in their worm. AdaptiveMobile researchers explained, "We believe that an unknown registered advertising platform user abused a legal service and decided to increase the number of Mobogenie app installations using malicious software."
This is only the second worm of this kind discovered on Android. The first was Samsapo, discussed by the experts at ESET. Luckily, this particular worm did not affect many users and was shut down relatively quickly. Just like with any worms, where there are two, there are a many more lurking below the surface. Because the mechanism now exists to create and propagate these worms, we could be seeing more in the near future.
This article is from the archive of our partner The Wire.