Posts Categorized: Android


FakeAV for Android! There you are!

by

By Nathan Collier Every super hero has an arch nemesis. For a lot of Threat Researchers, including myself, Rogue Security Products, or better known as FakeAV, is theirs. Back in the day when I was primarily a PC malware fighter, FakeAV was a prevalent threat that was always coming up with new ways to infect users nearly every other day. I knew it was only a matter of time that the same malware authors would turn mobile. I am afraid those days are upon us. How could I ever forget such an identifiable logo: “Android Security Suite Premium”… yeah, right!  […]

Continue Reading »

Rogue APKs continue to find new homes

by

by Armando Orozco We’ve been tracking rogue premium-sms Android apps for sometime now. Here’s an interesting site we came across offering a download of the Google Music application, but this one comes with a cost. This site serves up a premium-sms Trojan of the ransom variety. Targeting Russian speakers these Rogue’s, we call Android.FakeInst, offer to give access to the app but for a fee.                           

Continue Reading »

Evolution of Android Malware “The touch, the feel of being tricked into sending premium SMS messages, the worst feeling of our lives” (Part 3)

by

by Nathan Collier Android.SMS.FakeInst is a Trojan that aims to do one thing — trick users into sending premium SMS messages by pretending to be an install for an app.  Here’s how the scam works: The user sends three premium SMS messages in exchange for an app, but there is no guarantee that it will actually install anything after they already have your money.  These malicious apps are getting harder and harder to discern as malicious as the look and feel of these apps get better through newer iterations.  One variant of these Trojan apps, which comes from a known malicious […]

Continue Reading »

An Evolution of Android Malware “When stealing data isn’t enough meet…GoManag …“ (Part 2)

by

In our continued series of how Android malware authors continue adding functionality to their work we take a look at GoManag. First seen last year, targeting Chinese speakers, GoManag is a Trojan that installs as a service so it can run in the background, collects device information and downloads payloads.  Its odd name comes from part of a URL it attempts to contact to. Malicious GoManag app running in the background as the name “Google Search (Enhanced)”

Continue Reading »

An Evolution of Android Malware “My How You’ve Grown PJAPPS!” (Part 1)

by

We’ve all seen software grow.  We watch as our favorite software adds on new features and becomes better at what it does.  Malware writers are no different, they want their software to have more features as well as steal even more information. PJApps is a good example of this. PJApps is a Trojan that’s been around for a while causing havoc by being bundled in legitimate applications found in alternative Android markets, it is capable of opening a backdoor, stealing data and blocking sms behind the scenes.  In one variant of PJApps it requests the following permissions to steal information: […]

Continue Reading »

Report: 3,325% increase in malware targeting the Android OS

by

Which is the most targeted mobile operating system? According to the recently released 2011 Mobile Threats Report from our partners at Juniper Networks, that’s the Android OS. Key summary points from the report:

Continue Reading »

“Android Malware” – Thre@t Reply(video)

by

Are Android phones susceptible to Trojans and other viruses just like computer? How can you make sure your phone doesn’t become infected and if it does, what can you do? Webroot mobile threat research analyst, Armando Orozco answers this question that was asked to our Webroot Threat Research team via Twitter. [youtube=http://www.youtube.com/watch?v=55-CL-_TiEM]

Continue Reading »

Reflections on mobile security

by

By Armando Orozco Be wary the next time you enter your passcode into your iPhone on the bus – someone could be shoulder surfing. In fact, a team of researchers from the University of North Carolina has developed a system to watch you pecking out characters on your phone, analyse the video, and produce a pretty accurate guess of what you were typing. When people talk about key loggers, they’re usually thinking about malware that sits on a computer and surreptitiously monitors what keys people are pressing. But these university researchers are applying an entirely different approach to key logging. […]

Continue Reading »

‘Tis the season for mobile malware

by

By Armando Orozco You’ve heard of the “perfect storm”? Well, there may be one brewing in Android-land. We just wrapped up a study that revealed holiday shopping is about to go mobile—in a big way. Turns out, over two times more shoppers plan to buy gifts on their mobile device this year. Over two times more?! It got me thinking… We know that Android malware is on the rise. Even Android users themselves seem aware of it; our mobile study also found that 23 percent more Android users are concerned with the security of their information than iOS users. And […]

Continue Reading »

I don’t think it means what you think it means…

by

Websites Hosting Android Trojans   By Armando Orozco and  Nathan Collier Rogue Android apps are making their way into alternative markets. Yes, we’ve seen some malicious apps trickle through and they can be elusive. But we’re now seeing markets that are only hosting malware. These rogues are of the premium rate SMS variety and request the user to send a bounty if they want the app. The interesting thing is that the websites they’re hosted on are very well put together and you can see that a great deal of time was put into creating them.  The Websites These well-crafted […]

Continue Reading »