More Android Malware, The BaseBridge

Well it seems that there’s yet another Android malware to plague Android users and this one is called BaseBridge, and unlike DroidDream this one could prove to be rather costly to users if they don’t act on it fast. As it stands there are about 20 Android applications circulating various forums on the internet and what the malware does is that it auto-dials phone numbers which will incur high fees on your end. Some of the infected mobile applications include QQ Doudizhu, Voice SMS, Drag Racing, Trader, Donkey Jump, Jungle Monkey and Gold Miner among several others.

Named BaseBridge, the Malware can be embedded in legitimate applications, and when the applications are being installed, the Malware prompts the user to upgrade, and once the user chooses to upgrade, the Malware is installed in the device under the software name “com.android.battery”. Then, another prompt would pop up to ask the user to restart the app to run it, and the Malware is formally activated upon restarting.

Upon activation, the Malware would activate three malicious services — AdSmsService, BridgeProvider and PhoneService — to communicate with a control server, from which it will download a configuration list to read related information and dial calls or send out SMS messages accordingly, incurring fees for the users. Meanwhile, the Malware also blocks messages from the mobile carrier to prevent users from getting fee consumption updates in time so that all malicious activities are undertaken stealthily without the user’s knowledge or consent. The Malware may also insert messages to the inbox of a mobile device at a designated time.

Android users should start paying more attention to the applications that they are downloading, make sure they are from trusted sites, not third party ones, and always check for permissions and app requests. There are several mobile anti-viruses out there so perhaps it’s something Android users should look into.