Android's Steamy Window trojan sends SMS to premium numbers

An Android App called Steamy Window is being used by hackers to take over Android phones and run up big texting bills.

Symantec says the app is a free program that Chinese hackers have modified, then re-released into the wild.

In a statement,  Vikram Thakur, a principle security response manager at Symantec, said that Steamy Window is the newest in a line of compromised Android apps.

The hackers grabbed a copy of Steamy Windows, then added a backdoor Trojan horse – “Android.Pjapps” to the app’s code.

The app was then placed on unsanctioned third-party “app stores” in the hope that punters looking for dodgy apps can find them.

Thakur said that while hacks like this were becoming a dime a dozen this one stood out as a particularly nasty piece of work.

The Trojan planted by the malware-infected Steamy Windows can install other applications, bugger around with the phone’s browser bookmarks, and navigate to Web sites and silently send text messages.

The criminals send messages to premium rate numbers and collect commissions.

The software has a built-in filter that blocks incoming texts from the user’s carrier so they do not know where their phone has been calling.

Smartphone owners will be unaware that a phone has collected a huge phone bill calling premium services until they receive their next statement.

Thakur said that Android smartphones are an attractive target for hackers. Not only are they popular but users can install apps downloaded from third-party distribution sites.

He warned Android users to beware of unauthorized app stores, comparing it to downloading a Windows app from a ‘warez’ site.

If you must visit such sites, he said then you should look at the permissions the app requests when it installs. Rogue apps want total control.