Android users are facing a new threat in the shape of a worm, ominously named ‘Selfmite.b’. As with most worms, the majority of users will be unaware of the threat, which sends text messages to every contact in a user’s list. Selfmite.b gets into others’ phones via the innocent-looking SMS which appears to be from a friend or other trusted person. Once a user has been tricked into clicking the bogus links contained in the text message, malicious software is installed on their device.
This pernicious virus takes its name from Selfmite, the SMS worm that attacked smartphones earlier this year. But while that worm sent links to the first 20 contacts in an address book, Selfmite.b sends them to every single contact. Not only that, it does this on a loop, meaning victims continue to receive malicious texts until they are blocked.
According to data from AdaptiveMobile, the worm had sent over 150k messages during the first ten days of October. Victims span the globe, with infected phones identified in Canada, China, Costa Rica, Ghana, India, Iraq, Jamaica, Mexico, Morocco, Puerto Rico, Russia, Sudan, Syria, USA, Venezuela and Vietnam. That’s a hundred times more traffic than the first Selfmite generated. Exacerbating the problem is the fact that the people behind the worm can change it remotely using a configuration file. This makes it much harder to stop the infection process.
As inconvenient and embarrassing as having your entire contact list spammed is, the worst upshot for victims is financial. Selfmite.b can generate huge phone bills, and victims even risk having their number blocked as though they were the perpetrators. The worm can even sign users up to expensige online subscriptions.
You can protect yourself. Selfmite.b requires you to manually click a link and manually install the APK file. If in doubt about any such file, don’t install it. Because of the generic nature of the messages containing the links, it shouldn’t be too hard to spot the scam. It will use one of the following texts, or something similar:
Hi buddy, try this, its amazing u know.http://x.co/5****
Hey, try it, its very fine.http://x.co/5****
Unless your friends are in the habit of sending you weird links, alarm bells should already be ringing. The poor syntax is a dead giveaway. And if nobody calls you ‘buddy’ then you’re probably on to Selfmite.b immediately.
The key is to avoid falling into the trap of absent-mindedly clicking links. Always read messages carefully, and if you have any doubts, give your friend a quick call to see if they sent you a text. They will thank you for alerting them to the fact they are being targeted. If your phone has already contracted Selfmite.b, a good anti-virus program will get rid of it.