Symantec’s Security Response team has found a privacy-infringing application called Call Cheater Lite that may also result in unwanted SMS charges.
The purpose of this app is to block unwanted phone calls from certain individuals by giving the owner of the phone the ability to play any sound or pre-recorded message to an offensive or unwanted caller.
According to the application description, the user can configure the app to play a pre-recorded message or sound to make the caller believe that the phone is disconnected or out of service.
Additionally, there is code present that asks the user if they liked the app. If the user selects “yes”, the app asks the user if they would be interested in purchasing the full version, but if they dislike the app and select “no”, the app asks why the user does not like the app. Unfortunately, regardless of what the user does at this point, an international rate SMS message—which is not free—is queued for sending. It is then sent to a number located in India.
Symantec’s latest Internet Security Threat Report highlighted that mobile vulnerabilities increased by 93 percent in 2011 and that threats targeting the Android operating system are on the rise. With the number of vulnerabilities in the mobile space rising and malware authors not only reinventing existing malware for mobile devices, but creating mobile-specific malware geared to the unique mobile opportunities, 2011 was the first year that mobile malware presented a tangible threat to businesses and consumers.