Android Users Get Scammed With In-App Antivirus Ads 82
An anonymous reader writes "A new malware scheme has been discovered that pushes fake antivirus software to Android users via in-app advertising. Once installed, the trojan informs the victims they need to pay up to remove threats on their device. The malware in question, detected as "Android.Fakealert.4.origin" by Russian security firm Doctor Web, has been around since at least October 2012 according to the company. While Android malware that masks itself as an antivirus for Google's platform is nothing new, and neither are ads in Android apps pushing malware, but putting the two together can certainly be effective. This is naturally a practice that Windows users are all too familiar with."
Always give them a chance (Score:5, Interesting)
I will never understand why phishing and malware attempts always have some weird tell that they're not legit. Whether it's some bizarre choice of words in the midst of an otherwise fairly legit looking piece of email or Cyrillic text in the middle of an otherwise semi-legit looking app there's always a tell.
It's as if the authors are carefully trying to prey only on the truly stupid.
No "Unknown sources" and pay to "adb install" (Score:5, Interesting)
What's Android platform specific about this?
Mobile platforms other than Android put substantial barriers in the way of being able to "run this random program you got from somewhere". Windows Phone 7 and iOS, for example, don't really have a counterpart to the "Unknown sources" checkbox of Android, and they charge $99 per year for "provisioning", which allows the user to load applications through the equivalent of adb install.
Apple users too..Nothing new here (Score:2, Interesting)
I'm never really sure why one scam virus scam manages to raise itself above others. but here is a link to some Apple suffering the same problem http://en.wikipedia.org/wiki/Mac_Defender [wikipedia.org] "The program appears in malicious links spread by search engine optimization poisoning on sites such as Google Image Search. When a user accesses such a malicious link, a fake scanning window appears, originally in the style of a Windows XP application, but later in the form of an "Apple-type interface". The program falsely appears to scan the system's hard drive. The user is then prompted to download a file that installs Mac Defender, and is then asked to pay US$59.95 to US$79.95 for a license for the software.
What reality matters is how quickly the OS is cleaned up In the case of Apple it took a month "The Mac security firm Intego discovered the fake antivirus software on May 2, 2011, with a patch not being provided by Apple until May 31"
Although it is worth pointing out all those poor computer experts(sic) that blame users on the lie that it must be porn or copyright programs that caused the damage when most of the time its simply lack of understanding of a single science.
Re:Always give them a chance (Score:4, Interesting)
You know, I got that same feeling when the article said this was from "Russian security firm Doctor Web" and the malware dates back to October 2012.
They may be legit, but I did a double take on the name and country of the company, as well as the date.
Looks like it comes from TFA, which is next to useless for actual helpful information. No mention of what ad networks, or what apps theses were found in. They even blur the website name of where they encountered an ad. The Next Web article seems to be copy-pasta from the AV 'article' (probably better described as a press release). I clicked around their site and their links are broken and redirect to a scary 404 page that gives me instructions on how to recover Windows. Pot, kettle, anyone?
But sure enough, they sell Android antivirus software.
(Full disclosure: I sell an app meant to teach new users about Android permissions, but also give the text of the guide away -- still, take what I say with a grain of salt, like anyone else).