Another Android SMS Virus in the Wild: Gazon
Well folks, it looks like another great deal just isn’t as good as it seems. You know what they say, right? If it looks to good to be true, it probably is. So be on the lookout for yet another Android virus that spreads around via SMS, messaging as many contacts as it can.
Adaptive Mobile has uncovered Gazon, a virus that spreads by SMSing all of your contacts an enticing link.
Adaptive Mobile has recently reported that there is a malware ridden app that pretends to be an Amazon Rewards app, dubbed Gazon. Once installed it actually farms your contacts and then sends a message to each and every number stored in your phone contacts. This mechanism isn’t new by any means, and there are certainly several such apps that exist in the wild. I even received a spam group message complete with a shortened link just the other day, presumably from one of the other pieces of SMS Android malware.
Gazon actually doesn’t seem to send any data back to command and control systems, but instead continues to populate pages and links for which when you click, the author of Gazon earns money. So it’s a more passive way to make money as opposed to just outright stealing of information.
While you’re busy clicking on links and being redirected to all sorts of pages that certainly aren’t an Amazon gift card, the malware is executing the following, so as to propagate itself to the rest of the world.
It primarily seems to be spreading through North America, though it’s certainly made the rounds to the rest of the world. Theoretically this type of malware could propagate itself to a large population very quickly. But this particular piece seems to be limited somehow, perhaps even by the wariness of receiving unknown text messages.
The fact that there is no command and control or other heinous bits of code doesn’t mean that such a virus can’t be adapted to also harvest personal information for other purposes. So be on the lookout for fake reward type apps and just be sure that the author is the owner of the site for which you are promised a reward. Also, don’t click on random weird and suspicious links coming from messages. In other words, browse smart!