Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


02:12 PM
Dark Reading
Dark Reading
Products and Releases

NQ Mobile Security Center Eradicates Three New Malware Strains Infecting Thousands In China

Three quarantined malware threats used SMS messages to deliver their malicious payloads

BEIJING and DALLAS, Sept. 27, 2013 /PRNewswire/ -- NQ Mobile(TM) (NYSE: NQ) a leading global provider of mobile Internet services, announced that its security center has captured and inoculated against three new malware strains that affected thousands of Chinese mobile users.

The three quarantined malware threats used SMS messages to deliver their malicious payloads, demonstrating the growing need for protection beyond controlling the app store environment.

-- Fake Bank (privacy.SmsServices.a): The most potentially dangerous of the three, Fake Bank masquerades as a banking application, only to steal users' accounts and passwords, block or upload their text messages, send fraudulent messages, and block incoming calls.

-- Group Scammer (privacy.Cckun.a): After users clicked a malicious link in an SMS message, the infected device could be remotely controlled to spread the infection through group messages. At the same time, a third-party application with the ability to send premium messages without the user's consent could be installed on the device, leading to additional bill charges.

-- Fee Server (payment.ZooTiger.a): This threat delivered multiple malicious payloads, uploading users' private contact lists to the server, delivering unwanted advertising to users' inboxes and connecting to fee-based services via SMS and WAP resulting in unexpected bill charges.

The early detection of these threats confined infection to fewer than 20,000 devices.

The newly discovered threats follow just days after discover of a.privacy.SmsManager.a (Privacy Leaker) and a.payment.Sexyapp.a (SMS Fraudster), which risked mobile users' privacy and caused fraudulent bill charges.

NQ Mobile Security(TM) for Android is available for download at http://www.nq.com/mobilesecurity and on Google Play.

About NQ Mobile

NQ Mobile Inc. (NYSE: NQ) is a leading global provider of mobile Internet services. NQ Mobile is a mobile security pioneer with proven competency to acquire, engage, and monetize customers globally. NQ Mobile's portfolio includes mobile security and mobile games as well as advertising for the consumer market and consulting, mobile platforms and mobility services for the enterprise market. As of June 30, 2013, NQ Mobile maintained a large, global user base of

372 million registered user accounts and 122 million monthly active user accounts through its consumer mobile security business, 87 million registered user accounts and 16 million monthly active user accounts through its mobile games and advertising business and over 1,250 enterprise customers. NQ Mobile maintains dual headquarters in Dallas, Texas, USA and Beijing, China. For more information on NQ Mobile, please visit http://www.nq.com/.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Manchester United Suffers Cyberattack
Dark Reading Staff 11/23/2020
As 'Anywhere Work' Evolves, Security Will Be Key Challenge
Robert Lemos, Contributing Writer,  11/23/2020
Cloud Security Startup Lightspin Emerges From Stealth
Kelly Sheridan, Staff Editor, Dark Reading,  11/24/2020
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2020-11-28
In Eclipse Jetty version 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0.alpha0 to 10.0.0.beta2, and 11.0.0.alpha0 to 11.0.0.beta2, if GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection, and if an attacker can send a request with a body that is ...
PUBLISHED: 2020-11-27
blosc2.c in Blosc C-Blosc2 through 2.0.0.beta.5 has a heap-based buffer overflow when there is a lack of space to write compressed data.
PUBLISHED: 2020-11-27
npm package systeminformation before version 4.30.5 is vulnerable to Prototype Pollution leading to Command Injection. The issue was fixed with a rewrite of shell sanitations to avoid prototyper pollution problems. The issue is fixed in version 4.30.5. If you cannot upgrade, be sure to check or sani...
PUBLISHED: 2020-11-27
In Crafter CMS Crafter Studio 3.0.1 an unauthenticated attacker is able to inject malicious JavaScript code resulting in a stored/blind XSS in the admin panel.
PUBLISHED: 2020-11-27
In Crafter CMS Crafter Studio 3.0.1 an unauthenticated attacker is able to create a site with specially crafted XML that allows the retrieval of OS files out-of-band.