Alternative Android Market Warning

Tuesday, May 15, 2012 @ 02:05 PM gHale


There is an increasingly large number of malicious websites designed to infect Android devices with the Android:FakeInst SMS Trojan.

In addition, there is a hike in the alternative Android app markets that smartphone operators should stay away from, said researchers at security provider Avast.

RELATED STORIES
Android Malware via Twitter
Android Malware via Video Game
Dating Site Acts as GPS for Malware
Node.js Fixes Java Security Holes

Several domains, such as t2file.net and uote.net, store at least 25 new apps that mask the piece of malware, researchers said.

After users hit these websites, they see a phony downloader program. The truly bad thing about this app is it tells the victim the operation may cost money, but the quit button doesn’t work.

Once the installation process begins, there’s nothing you can do, but click on the “Agree” or “OK” buttons. There are methods to stop the task, but to the untrained user it appears he has no other choice.

As soon as the victim clicks on one of these buttons, an SMS to a premium rate number goes out immediately. The Trojan contains premium numbers for around 60 different countries worldwide, which means the victim will most likely end up with an inflated phone bill.

In order to prevent experts from analyzing the malware, its creators have used AES encryption to make the file inaccessible.

Each SMS sent out by Android:FakeInst costs around $4, which means the cybercriminals behind this operation can earn good money from users who make the mistake of downloading software from alternative markets.

“Never trust weird looking alternative markets and always check the app permissions. If you’ve downloaded a game that asks for SMS and Phone calls permissions, it probably means that someone is about to “play you” instead,” said Avast’s Alena Varkočková.



Leave a Reply

You must be logged in to post a comment.