Several malicious programmes are using GCM as a Command and Control server.
Google Cloud Messaging (GCM), which was developed to make it easier for Android-based app developers to support programmes downloaded and installed on users’ smartphones and tablets, is being inadvertently abused by cyber criminals, according to a study.
There are reported to be many malicious programmes using which virus writers take advantage of the opportunities presented by this service, according to IT Threat Evolution Report for Q2 2013 by Kaspersky Lab.
Kaspersky Lab Expert Roman Unchek says that they have detected several malicious programmes that use GCM as a Command and Control server.
This is said to be making it quicker and cheaper to manage infected Android devices, simply by registering on the Google service.
"It would be strange if virus writers were not taking advantage of the opportunities offered by this service. At present, there is not much mobile malware using GCM, but some of the programs are already quite popular. They are widespread in some parts of Western Europe, the CIS and Asia.
"The only way to block these channels of communication between the virus writers and their malware is to block the accounts of those developers whose IDs are used when registering malicious programs. We have informed Google about the detected GCM-ID which are used in malware," added Unuchek.
Malware statistics presented by Kaspersky Lab showed that its products detected and neutralised a total of 983,051,408 threats in the second quarter of 2013; 577,159, 385 infections were prevented from infecting users’ while accessing the internet; 400,604,327 malicious programmes were prevented from infecting users’ machines; and 29,695 new malware modifications were added to Kaspersky Lab’s detection system in the second quarter of 2013.