Scareware Meets Smartphones

Thursday, January 5, 2012 @ 03:01 PM gHale


Software that alerts victims their devices are suffering from an infection and then solicits them to pay money to clean their computers is now targeting Android users.

Until now Windows systems were the main target for these scareware ploys, but Kaspersky Lab researchers found online scam artists are starting to focus on smartphone owners.

RELATED STORIES
Smartphone Users: Malicious Apps Abound
Data Treasure on Old Smartphones
Looking for a SSL Fix
Targeted Attacks on Rise

While searching for some popular mobile apps such as Opera Mini, experts came across a couple of phony web pages that claim the user’s device has an infection with a piece of malware, requesting access to the phone to provide further details.

If the victim accepts, he then goes to another page that brings up some worrying results. The site finds malware in messages, calls, apps, and the storage unit.

Unlike the rogue applications that target Windows systems, where the victim has to provide sensitive information or a certain activation fee, in this case, he can click on a link to activate a “security system” free of charge.

Once the false system activates, a Trojan identified as SMS.AndroidOS.Scavir downloads and then installs on the phone.

After the installation is complete, a menu icon similar to the one belonging to Kaspersky applications appears and after making sure it has all the permission it needs, starts sending SMSs to premium rate numbers.

The experts warn not only Android users are the target. If the phone is running a non-Android operating system, the malicious webpage serves a file called VirusScanner.jar identified as Trojan-SMS.J2ME.Agent.ij.



Leave a Reply

You must be logged in to post a comment.