Posted by: David Harley | February 13, 2013


Another variant of the SMSSend Trojan flagged in Russia in December by Dr Web and Kaspersky has been flagged by Thomas Reed in Thomas’ Tech Corner.

Reed reports that:

The current incarnation that I have stumbled across no longer pretends to install VKMusic. Instead, it pretends to be an installer for something called History of Sochi…The installation process culminates in a request for the user to text a particular code to a cell phone number.

Whereas the version seen in December didn’t seem to have any impact outside Russia, it seems that this one may have the potential to spread its wings to:

Albania, Armenia, Belorussia, Brazil, Estonia, Germany, Kazakhstan, Kyrgyzstan, Latvia, Lithuania, Moldavia, Russia, Ukraine and Vietnam.

That doesn’t mean that it’s going to be found in all those countries, of course. On the other hand, it doesn’t mean it won’t spread beyond those regions, but I wouldn’t panic yet. In any case, it looks as if Apple has already taken action. A sample has been shared with AV vendors.

Mac Virus/Small Blue-Green World
ESET Senior Research Fellow

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.


%d bloggers like this: