Android users warned of fake app store malware risk

Anti-virus software vendor sounds alarm over malware-peddling Android app stores.

Android resize

Malware authors are setting up alternative app marketplaces to defraud unwitting Android phone users, according to anti-virus software vendor AVAST.

The firm's research team uncovered the scam, which tricks Android phone users into downloading apps that are used to send out premium rate SMS messages.

This is nothing new in the Android world as bad guys have been doing this in various ways for several months.

In an AVAST blog post, the firm identified four sites, including t2file.net, uons.net, uote.net and sofile.net, it claims have been deliberately set up by cyber criminals to defraud Android users.

The sites are reportedly inaccessible to computer users. But, when accessed via a smartphone, a downloader is installed that generates premium rate text messages.

"All these sites were registered a week ago, so it looks like they were supposed to serve as a malware hosting [platform] for bad guys from the very beginning," said the blog post.

"Analysing the trail the malware creators left for us, we've discovered a few sites they have used in order to attract users and all of them target Russian speaking people and look like alternative markets."

However, although the scam is targeted at Russian speakers, the fake downloader can create premium rate messages in 60 languages.

"This [malware] concept is nothing new in the Android world as the bad guys have been doing this in various ways for several months," said the blog.

"[The lesson is] never trust weird looking alternative markets and always check the app permissions. If you've downloaded a game that asks for SMS and phone call permissions, it probably means that someone is about to play you' instead," the post concluded.

Featured Resources

The complete guide to changing your phone system provider

Optimise your phone system for better business results

Download now

Simplify cluster security at scale

Centralised secrets management across hybrid, multi-cloud environments

Download now

The endpoint as a key element of your security infrastructure

Threats to endpoints in a world of remote working

Download now

2021 state of IT asset management report

The role of IT asset management for maximising technology investments

Download now

Recommended

Bank-targeting malware disguises itself as video conferencing software
Security

Bank-targeting malware disguises itself as video conferencing software

19 Oct 2020
Your essential guide to internet security
Security

Your essential guide to internet security

23 Sep 2020
Best free malware removal tools 2020
Security

Best free malware removal tools 2020

21 Sep 2020
'NetWalker' ransomware explodes thanks to 'as a service' expansion
ransomware

'NetWalker' ransomware explodes thanks to 'as a service' expansion

4 Sep 2020

Most Popular

Do smart devices make us less intelligent?
artificial intelligence (AI)

Do smart devices make us less intelligent?

19 Oct 2020
Politicians need to stop talking about technology
Policy & legislation

Politicians need to stop talking about technology

21 Oct 2020
Best MDM solutions 2020
mobile device management (MDM)

Best MDM solutions 2020

21 Oct 2020