SMS malware spreads on local phones

It looked like a routine SMS from a friend, but turned out to be malicious software circulating on local networks.

Mr Jack Yeo, 35, was one of many phone users affected.

He received the text message yesterday afternoon, containing a link leading to a photo. The message asked if the photo was his.

Without a second thought, the taxi driver clicked on the link and installed a photo viewing application. He regretted it moments later.

The malware, believed to affect Android phones, prompted his phone to automatically send the same message to everyone on his contact list.

In an attempt to stop the SMSes from being sent, Mr Yeo restarted his phone. But when it rebooted, his home screen was blocked by pop-up advertisements, preventing him from using the phone.

"I spent an afternoon explaining to my friends that the texts were not sent by me, and that it was some sort of virus so they should not click on it," said Mr Yeo.

He ended up reformatting his phone to remove the ads, causing him to lose important information stored on it, such as his contacts and downloaded applications.

Some of the users affected by the malware have since informed their respective telcos about it.

Singapore's three telcos, StarHub, SingTel and M1, have all posted advisories on their Facebook pages to warn customers about the malware. It is not known how many mobile phone users were affected.


A spokesman for StarHub said it had received complaints regarding the incident.

It has since blocked the malicious link on its network.

The spokesman added: "Affected customers can contact us at our customer care hotline or e-mail address."

A spokesman for SingTel also confirmed that it has taken steps to inform customers about the malware.

"We put up a post on our Facebook page informing customers (about the) malware.

"Those who did click on the link can use antivirus software to help them detect and remove the malware."

Affected users can also visit the Singapore Computer Emergency Response Team (SingCert) for instructions to uninstall the malicious application.

This article was first published on Nov 25, 2014. Get The New Paper for more stories.