A new malicious program or Trojan has been found in the Android Market by Totaldefence.com.
This Trojan disguises itself as popular software which the victims are not able to differentiate while downloading and it secretly installs itself on the victim’s device but in order to make the user less suspicious, the application triggers the installation of the actual software via the downloaded link which is presented before the user to accept.
During the whole installation process, the Trojan keeps sending messages to its host consisting of data collected form the device in order to theft data or just to increase the user’s consumption charges.
But the application is not self-executing and still requires users’ inputs to execute commands. So as you can see in the screenshot of the application, the App is specifically asking for permission to send messages. Such privileges most of the users ignore while installing application and that are the reason why they get affected by such malicious programs so easily.
So a word of advice that before installing any app, users should read all the access and permission requests. Most of the users make the mistake of not reading the agreement and grant the access to the app without thinking.
For example, if a calculator app is being downloaded and is asking for access to the Internet, it doesn’t make sense. Even the permission levels should be looked into and if any app is asking for root access, it should be promptly deleted because root access can let the app play havoc with the phone.