IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Android users warned of fake app store malware risk

Anti-virus software vendor sounds alarm over malware-peddling Android app stores.

Android resize

Malware authors are setting up alternative app marketplaces to defraud unwitting Android phone users, according to anti-virus software vendor AVAST.

The firm's research team uncovered the scam, which tricks Android phone users into downloading apps that are used to send out premium rate SMS messages.

This is nothing new in the Android world as bad guys have been doing this in various ways for several months.

In an AVAST blog post, the firm identified four sites, including t2file.net, uons.net, uote.net and sofile.net, it claims have been deliberately set up by cyber criminals to defraud Android users.

The sites are reportedly inaccessible to computer users. But, when accessed via a smartphone, a downloader is installed that generates premium rate text messages.

"All these sites were registered a week ago, so it looks like they were supposed to serve as a malware hosting [platform] for bad guys from the very beginning," said the blog post.

"Analysing the trail the malware creators left for us, we've discovered a few sites they have used in order to attract users and all of them target Russian speaking people and look like alternative markets."

However, although the scam is targeted at Russian speakers, the fake downloader can create premium rate messages in 60 languages.

"This [malware] concept is nothing new in the Android world as the bad guys have been doing this in various ways for several months," said the blog.

"[The lesson is] never trust weird looking alternative markets and always check the app permissions. If you've downloaded a game that asks for SMS and phone call permissions, it probably means that someone is about to play you' instead," the post concluded.

Featured Resources

Meeting the future of education with confidence

How the switch to digital learning has created an opportunity to meet the needs of every student, always

Free Download

The Total Economic Impact™ of IBM Cloud Pak® for Watson AIOps with Instana

Cost savings and business benefits

Free Download

The business value of the transformative mainframe

Modernising on the mainframe

Free Download

Technology reimagined

Why PCaaS is perfect for modern schools

Free Download

Recommended

Hackers could use new Wslink malware in highly targeted cyber attacks
malware

Hackers could use new Wslink malware in highly targeted cyber attacks

1 Nov 2021
FBI raids Chinese POS business following cyber attack claims
malware

FBI raids Chinese POS business following cyber attack claims

27 Oct 2021
Malware developers create malformed code signatures to avoid detection
malware

Malware developers create malformed code signatures to avoid detection

24 Sep 2021
New malware uses search engine ads to target pirate gamers
malware

New malware uses search engine ads to target pirate gamers

21 Jul 2021

Most Popular

How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

7 Jun 2022
The top programming languages you need to learn for 2022
Careers & training

The top programming languages you need to learn for 2022

23 Jun 2022
Attracting and retaining talent through training
Sponsored

Attracting and retaining talent through training

13 Jun 2022