A new Android malware has been discovered, and it's the most sophisticated Android virus researchers have ever seen on the Google's mobile operating system. It's an evasive virus, and has more in common with Windows infections than any other Android trojan out there.
Part of the reason why security researchers are concerned: Obad's files and codes were encrypted and obscured to prying eyes. There's also the fact that the malware cannot be deleted after it gains administrative privileges.
The Android trojan was discovered by the Russian security experts at Kaspersky Lab.
The good news is that the malware isn't widespread, totaling 0.15 percent of all attempted malware infections, but it quickly could be very serious.
Once installed, Obad can download more malware, rack-up costs by sending SMS messages to premium-rate SMS numbers and perform root commands in Android's console. The malware can also give itself Device Administrator privileges while hiding itself from the listed applications with administrative access. That makes Obad nearly impossible for the common Android user to delete.
Obad - formally called Backdoor.AndroidOS.Obad.a - isn't on the Google Play store. According to Ars Technica, Obad can be distributed through malicious text messages onto Android devices configured to sideload applications from third-party sites. The malware can also spread to other Android handsets by using Bluetooth and Wi-Fi connections and a number of previously unknown Android bugs. Through these bugs, the attackers can issue commands by SMS messages.
"To conclude this review, we would like to add that Backdoor.AndroidOS.Obad.a looks closer to Windows malware than to other Android Trojans, in terms of its complexity and the number of unpublished vulnerabilities it exploits," Kaspersky Lab Expert Roman Unuchek said in a blog post detailing the malware. "This means that the complexity of Android malware programs is growing rapidly alongside their numbers."
There are, of course, far more serious and infectious forms of malware out there - particularly on the Windows operating system - but if Obad is any indicator, similar exploits are coming to the Android ecosystem.
Unuchek said Kaspersky has contacted Google regarding the infectious trojan. Google has yet to make any comments regarding the malware.