Company officials say the Trojan, dubbed Trojan-SMS.AndroidOS.FakePlayer.a, is the first of its kind for the Android platform, even though SMS Trojans are currently the most widespread type of malware on mobile phones.
SMS Trojans provide an immediate way of gaining financially from malware, as it involves the transfer of funds from affected users' phone accounts to the service provider behind the premium number. Presumably the plan is to withdraw the cash received before news of the malware gets out, and then disappear from view, leaving the carriers and/or service platform providers to carry the can.
Kaspersky officials suggest that Android users pay close attention to the services requested by an application at the time of installation, and note that a signature for Trojan-SMS.AndroidOS.FakePlayer.a has been added to the company's antivirus databases.
The company plans to release a security product for Android in early 2011.