Malware Menu at Faux Android App Site

Monday, March 19, 2012 @ 04:03 PM gHale

Online scammers adapt to their environment on a moment’s notice, so after Google changed the name of its official Android Market to Google Play, attackers went to town.

As quick as you can say jack rabbit, fake Russian versions of the redesigned site already popped up: “Download Google Play for Android Google Play is formerly known as the android market but now a vast and influential old android market combined with a store of books google ebookstore multi-format films and world music google music,” it is (badly) explained on the site.

Malware Developers say Tweet This
Reprise for Kelihos Botnet
Botnet Clients Integrate Exploit
New Botnet Goes to Market

Among the suspicious Android apps offered for download is a Google Play application (google-play.apk), which is actually a Trojan that subscribes the victim to premium number services without asking his or her permission, said researchers at Trend Micro.

The researchers said even if the Trojan in question is very similar to one discovered last month that has polymorphic abilities, this one has not and tries to avoid detection by having various innocuous files added to it.

With the popularity of Android smartphones increasing, and security lacking, “users are strongly advised to practice extreme caution when dealing with apps and app stores in general,” the researchers said.

Leave a Reply

You must be logged in to post a comment.