New Android Koler Trojan Infecting Thousands via SMS

New Android Koler Trojan Infecting Thousands via SMS

Researchers reported a fake porn app that is infecting Android users everywhere. back in May of this year.  Originally,  the Koler Trojan would  infect users when the phony DaBoink app is opened, but has evolved to spreading via SMS text message.The Koler Trojan horse takes over an Android device and demands that the user pay $300 via PayPal or the phone will remained locked.  The pesky Trojan will reappear no matter if the user closes out the browser that is infected.  

AdaptiveMobile security firm was first to report on the new dangerous Koler Trojan.  The new variant disguises the Trojan as a ‘law enforcement’ fine and claims that the user was looking and storing  child pornagrpahy.  The security firm also reports that a massive text message to the victims contacts will also be sent:  “someone made a profile named -[the contact’s name]- and he uploaded some of your photos! is that you?” that is followed by a url link.  Once the link is clicked the user is directected to a Dropbox link  IMG_7821.apk.  The Trojan will disguise itself under the name PhotoViewer and thus infects a new victim.

Photo Via AdaptiveMobile Koler Trojan Screenshot

PCWorld advises that users turn off the “unknown option” in the Android Security to prevent users from downloading unknown applications not found in the Google Play store.  Don’t worry, the Trojan can removed off the device but is no easy battle.