Bill Shocker malware infects over 600,000 Android smartphones in China

31 Jan 2013

One of the most costly viruses ever unleashed has been discovered and has already impacted more than 600,000 Android devices in China. The malware, which threatens to go global, takes control of contact lists, internet connections, and dialing and text functions, and can be used to collect personal information and engage in SMS spamming.

According to NQ Mobile, the security firm that claims to have discovered the malware, Bill Shocker is an SDK-type virus that attached itself to several of the most popular mobile apps in China, including Tencent QQ Messenger and Sohu News.

The app is spreading like wildfire via third-party online app stores and retail installation channels.

The malware silently downloads itself into the background of a user’s mobile device and takes control of the device.

Bill Shocker turns infected phones into ‘zombie’ devices

It then uses the ‘zombie’ device to send text messages that generate financial gain for advertisers.

Users end up being hit for extra charges for their operator as the messages quickly overrun the user’s bundling quota.

“Our researchers have alerted Chinese mobile carriers of the threat to prevent the spread of these kinds of threats,” NQ Mobile said. 

“We’ve also provided our RiskRanker cloud-scanning engine to China’s top mobile carriers, including China Mobile and China Unicom, as well as Baidu Mobile Services, to help them prevent any further spread of malicious mobile viruses.”

John Kennedy is a journalist who served as editor of Silicon Republic for 17 years