June 15, 2012Nathan Collier By Nathan Collier

FakeAV for Android! There you are!

By Nathan Collier

Every super hero has an arch nemesis. For a lot of Threat Researchers, including myself, Rogue Security Products, or better known as FakeAV, is theirs. Back in the day when I was primarily a PC malware fighter, FakeAV was a prevalent threat that was always coming up with new ways to infect users nearly every other day. I knew it was only a matter of time that the same malware authors would turn mobile. I am afraid those days are upon us. How could I ever forget such an identifiable logo:

“Android Security Suite Premium”… yeah, right!  This spy which is being called Android.FakeSecSuit   retrieves incoming sms messages, extracts the phone number and message, and then sends the stolen info off:

As you can see in the GET command from the PCAP, highlighted in blue is the phone number and message I sent to my test phone now being sent off to a site.

Now that the developers of the popular FakeAV malware have entered into the mobile world expect to to see a lot more variations of this… and if they follow the same pattern as they did in the PC world, I mean A LOT! We are seeing it in Torrents and/or alternative markets. Remember, when downloading Android apps choose them wisely and download  from a trusted source. Check reviews, research the developer and verify  permissions requested before downloading. And of course, scan with Webroot SecureAnywhere Mobile.

Share Button

22 Responses to FakeAV for Android! There you are!

  1. Pingback: Fake Android antivirus app likely linked to Zeus banking Trojan, researchers say | Android News Center

  2. Pingback: Fake Android Antivirus App Likely Linked to Zeus Banking Trojan, Researchers Say

  3. Pingback: Tux Doc » Fake Android Antivirus App Likely Linked to Zeus Banking Trojan, Researchers Say

  4. Pingback: Fake Android Antivirus App Likely Linked to Zeus Banking Trojan, Researchers Say | Geeklin

  5. Pingback: Fake Android Antivirus App Likely Linked to Zeus Banking Trojan, Researchers Say « Fix-Singh - Computer Repairs LeicesterFix-Singh – Computer Repairs Leicester

  6. Pingback: Fake Android antivirus app likely linked to Zeus banking Trojan … | AndroBerry

  7. Pingback: 'Android Security Suite Premium' App is Malware in Disguise | Technology News, Computer Security - Hyphenet Blog

  8. Pingback: Fake Android Antivirus App Likely Linked to Zeus Banking Trojan, Researchers Say | IT Security News

  9. Pingback: Fake Android Antivirus App Likely Linked to Zeus Banking Trojan, Researchers Say | Stop Spam Tips

  10. Pingback: Fake Android antivirus app likely linked to Zeus banking Trojan …

  11. Pingback: Fake Android Antivirus App Likely Linked to Zeus Banking Trojan, Researchers Say « RMK Consulting

  12. Pingback: Fake Android antivirus app likely linked to Zeus banking Trojan, researchers say | News24

  13. Pingback: Fake Android antivirus app likely linked to Zeus banking Trojan, researchers say | BlogInThis

  14. Pingback: SecRelm » Fake Android antivirus app likely linked to Zeus banking Trojan, researchers say

  15. Pingback: Fake Android antivirus app likely linked to Zeus banking Trojan, researchers say | Network Security Software

  16. Pingback: Fake Android Antivirus App Likely Linked to Zeus Banking Trojan, Researchers Say | Android Phone Center

  17. Pingback: Fake Android Antivirus App Linked to Zeus Banking Trojan: Kaspersky | Network Security Software

  18. Pingback: Fake Android antivirus app likely linked to Zeus banking Trojan … | Blog

  19. Pingback: Fake Android antivirus app likely linked to Zeus banking Trojan … | Firman23

  20. Pingback: Fake Android Antivirus App Likely Linked to Zeus Banking Trojan … | Androhandset.com

  21. Pingback: Fake Android Antivirus App Likely Linked to Zeus Banking Trojan, Researchers Say | Androhandset.com

  22. Pingback: Cyberciminals launch managed SMS flooding services « Webroot Threat Blog

Leave a Reply

Your email address will not be published. Required fields are marked *

true