Slashdot Mirror

← Back to Stories (view on slashdot.org)

Android Users Get Scammed With In-App Antivirus Ads

Posted by timothy on from the like-robots-these-androids dept.

An anonymous reader writes "A new malware scheme has been discovered that pushes fake antivirus software to Android users via in-app advertising. Once installed, the trojan informs the victims they need to pay up to remove threats on their device. The malware in question, detected as "Android.Fakealert.4.origin" by Russian security firm Doctor Web, has been around since at least October 2012 according to the company. While Android malware that masks itself as an antivirus for Google's platform is nothing new, and neither are ads in Android apps pushing malware, but putting the two together can certainly be effective. This is naturally a practice that Windows users are all too familiar with."

5 of 82 comments (clear)

  1. Always give them a chance by belthize · · Score: 4, Interesting

    I will never understand why phishing and malware attempts always have some weird tell that they're not legit. Whether it's some bizarre choice of words in the midst of an otherwise fairly legit looking piece of email or Cyrillic text in the middle of an otherwise semi-legit looking app there's always a tell.

    It's as if the authors are carefully trying to prey only on the truly stupid.

    1. Re:Always give them a chance by alostpacket · · Score: 3, Interesting

      You know, I got that same feeling when the article said this was from "Russian security firm Doctor Web" and the malware dates back to October 2012.

      They may be legit, but I did a double take on the name and country of the company, as well as the date.

      Looks like it comes from TFA, which is next to useless for actual helpful information. No mention of what ad networks, or what apps theses were found in. They even blur the website name of where they encountered an ad. The Next Web article seems to be copy-pasta from the AV 'article' (probably better described as a press release). I clicked around their site and their links are broken and redirect to a scary 404 page that gives me instructions on how to recover Windows. Pot, kettle, anyone?

      But sure enough, they sell Android antivirus software.

      (Full disclosure: I sell an app meant to teach new users about Android permissions, but also give the text of the guide away -- still, take what I say with a grain of salt, like anyone else).

      --
      PocketPermissions Android Permission Guide
  2. Uninstallation last time by tepples · · Score: 3, Informative

    It's a lot easier to uninstall fake antivirus on Android than on Windows. Last time, removal took two steps: 1. remove it from the list of device administrators, and 2. uninstall the application from the device.

    Are other mobile platforms any less prone to deceptive in-app advertising?

  3. No "Unknown sources" and pay to "adb install" by tepples · · Score: 4, Interesting

    What's Android platform specific about this?

    Mobile platforms other than Android put substantial barriers in the way of being able to "run this random program you got from somewhere". Windows Phone 7 and iOS, for example, don't really have a counterpart to the "Unknown sources" checkbox of Android, and they charge $99 per year for "provisioning", which allows the user to load applications through the equivalent of adb install.

  4. Re:Malware by BasilBrush · · Score: 4, Insightful

    "Please run this random program you got from somewhere because we asked you to".
    Then something bad happens.
    What's Android platform specific about this?

    Well it doesn't happen on iOS.