Android app sends files to China

Security researchers have discovered an Android botnet that at the present is mainly in South Korea, but is expected to spread.

The so-called MisoSMS masquerades as a benign settings app for carrying out administrative tasks on mobile devices. However, the malicious app steals SMS messages from the infected device and emails them to a command-and-control (C&C) infrastructure hosted in China.

Researchers at net security firm FireEye are working with Korean law enforcement to try to mitigate the active threat.

FireEye has published a blog post to give more info and details on the workings of MisoSMS. The malicious app may show up as “Google Vx”, a "vaccine killer" supposedly copyrighted and developed by "google.org”.