Fake Android Skype App Malware

Tuesday, July 10, 2012 @ 01:07 PM gHale


A new piece of malware is taking advantage of Skype’s popularity, especially on mobile devices.

Cyber criminals created a fake version of the Skype for Android app, designed to earn money from unsuspecting users. Trend Micro, which first discovered the malware, is calling this threat JAVA_SMSSEND.AB.

RELATED STORIES
Windows 8 Attack Surface Larger
Linux Flash gets Double Security
Exploited in the Sandbox
Flash Update Fixes Firefox Crashes

The Java in the name should not be a surprise since Android apps end up developed in a custom version of the programming language. The app in question only runs on older (pre Software Installation Script) Symbian phones or Android devices that allow execution of Java MIDlet.

The cyber criminals behind this scheme have set up fake websites advertising fake Skype apps. Most of the sites are on Russian domains (.ru) but the fake apps themselves are on Nigerien domains (.ne).

The reason this is not a good fake is instead of an .apk file (the expected package file for Android apps), users get a .jar (Java MIDlet). While the app poses as an installer for Skype, what it really does is install a piece of malware. In the background, the malicious app sends expensive international text messages to earn its creators revenue.

Android lets you download and install apps from anywhere. If you want the official version of an app, however, get it from the official Google Play store.



Leave a Reply

You must be logged in to post a comment.