News  Android
News  Android
Fakealert.4.origin Advert

Ad lures victims to fake anti-virus app

Using on-device ads, a trojan has emerged targetting Android users which is known as "Android.Fakealert.4.origin". 

Windows users are well aware of this trick which has proved very effective over the years, but it's the first time a widespread attack like this has been reported on Android.

Unlike screening malware apps from the Google Play store, ads are a different beast altogether since almost all the free apps available show them as their primary revenue stream. In other words, the "delivery" mechanism itself is nearly impossible to remove.

Initially reported by Antivirus firm Dr Web, it is pointed out it is the advertisements that prompt users to scan their mobile devices for viruses and then lure them into downloading a fake anti-virus for Android - the ads themselves cannot carry the virus automatically into the handset.

News  Android

One persons malware...

What would you describe some mobile software as if it was installed on a users handset without their knowledge and secretly sent their location, SMS's and listened in to their calls without their knowledge? Most would think they had a virus, but in fact with FlexiSpy that's not the case - or is it? Since 2005, commercial software has been availabe to to exactly that in the form of FlexiSpy.

FlexiSpy runs on all the maior smartphones and claims to be undetectable. Its made by FlexiSpy, Inc of Wilmington, in the US, and counts as its sutomers a wide range of users from individuals suspecting their partners are cheating right through to law enforcement.

News  Android
Trojan targets Tibetan activists

The smartphone virus gets political

Android malware has been discovered which targets Tibetan activists. Kaspersky Labs are warning users of a "spear fishing" attack using email and a trojan which spreads to a users contacts. To seduce its victims into opening it, the email used a statement on the recent conference organised by the World Uyhgur Congress aimed at bringing together Chinese democracy and various other human rights activists. In fact, when its victims opened the email, they were exposed to an App which contained the virus. The same event was used as bait in a different email attack targeting multiple activist groups earlier this month aimed at Windows users via a malicious Excel file.

The command-and-control (C&C) server -- which is running Windows Server 2003 and set to use the Chinese language -- that the malware communicates with is hosted by Emagine Concept Inc. in Los Angeles. Until recently, a domain registered in Beijing also pointed to the C&C server.

News  Android
Android "Infrared X-Ray"

Spams users contacts

Symantec is warning of an app claiming to allow users to see through clothing which in fact contains malware. The app will trawl through the users address book and spam the victims contacts via SMS. Symantec warn:

While the contact data is being stolen and sent to the malware author, the new variants also download and display registration details for a website hosting adult content. The app no longer attempts to turn the camera on like it did previously. Instead, it displays a splash screen for a second or two before displaying a message stating that registration has completed and the victim is asked pay 29,000 yen for the “service”.

To make things even harder, the app removes itself from the launcher once it has completed a run.

F-Secure warned that malware authors are developing more sophisticated attack techniques for mobile devices, using encryption and randomization or hiding malicious code in image files. Malware also was discovered on bootleg copies of the Angry Bird game, the firm said.