Be Aware That SDK Contain Malicious Android Apps Code That Steals SMS Messages

Tags

If you are one of those that love developing app, or you are thinking of venturing into, it be aware of this. Chinese platform SDK (Software Development Kit) that is distributing a malicious code. Inasmuch as this very code help developers to implement in-app purchases (IAP) especially for Android apps. Well is good
you also understand that the SDK secretly steals all SMS messages that arrive on infected phones.

For long now the SDK is being offered as a free download by one of Chinese firm called Taomike. Those into App development do use it to create mobile app that provide in-app purchases via SMS messages. Well according to Palo Alto Networks the security firm that discovered the SDK. They said only the recent versions of the SDK seem to contain the SMS stealing functionality.

Read Also; Learn How To Update Your Device To Android 6.0 Marshmallow, Now That is Out

The very version that was release in August 2015. Although Palo Alto Networks has have to delete over 63,000 of the Android apps that contain the Taomike SDK. But is only 18,000 of them include the recent malicious version of the SDK. One still wonder if at all the developers of this apps are aware of the library they used to power IAPs is actually stealing SMS messages both of (text body and sender number) and then uploading them to one of Toamike's server.

The very specific one is 112.126.69.51/2c.php. And typing the URL to Toamike was easy, reason been that they also used to host other API function. And from all indication it appears that the affected apps seem to have been created only by Chinese developers, and you can never see them on Google's official Play Store. One still wonder what exactly Toamike are up to with the stolen SMS or the plan behind the move.

Lets Talk About It! Join Me Please
EmoticonEmoticon