NQ Mobile Security Research Center , in collaboration with Dr. Xuxian Jiang’s team at North Carolina State University, has recently uncovered a new piece of Android malware that can be controlled via SMS.
The malware dubbed as 'TigerBot' has the built-in payload to execute a variety of commands ranging from uploading current location, sending SMS messages, to even recording phone calls.
"TigerBot can be remotely controlled by sending SMS messages. In order to receive remote commands, it registers a receiver with a high priority to listen to the intent with action “android.provider.Telephony.SMS_RECEIVED”. As a result, it can receive and intercept incoming SMS messages before others with lower priorities."reads the NQ Mobile Security Research Center's blog post.
To hide its existence, this malware chooses not to show any icon on the home screen, but disguises with legitimate app names by pretending to be apps from legitimate vendors such as Google and Adobe.
Prevention is better than cure:
To stay away from this malware ,download applications only from trusted sources, Never accept application requests from unknown sources.