Saturday

Beware of Android malware scam promising antivirus


Users of mobile devices running Google's Android were warned over the weekend against a new "malvertising" scam that promises an antivirus but instead subscribes them to premium ringtone and wallpaper services.

Security vendor Bitdefender said a banner delivered by an advertising SDK included in some legitimate apps was deploying a scareware-type attack.

"When users download an app containing the advertising module delivering this scam, an alarmist banner pops-up out of the blue on the handset screen, making users believe their devices are infected with malware and prompts them towards purchasing a useless disinfection tool," Bitdefender's Loredana Botezatu said in a blog post.

However, she said the providers of the advertising module may not be aware their service is delivering a malicious banner, and that it could have been "an invalidated ad that accidentally reached the market."

Botezatu said the scam involves a sudden pop-up message on Android devices, suggesting the device was infected with malware.

It then tells owners to test their devices for possible malware. When tapped, the ad redirects users to a web page that tells them to download a disinfection tool.

The user is told to enter his or her phone number in a form, then press Download, Botezatu said.

"But instead of getting the Android device cleaned up, they get signed up with a premium-rate ringtone and wallpaper service that charges €3.00 per week plus taxes until the user unsubscribes manually," she added.

Botezatu also said the webpage redirects are based on geolocation, "so the premium service partner is chosen from the ones available in the victim’s location."

This means that if a user in Spain installs the app, he will receive messages written Spanish, and if the user is in Germany or Australia, the banners will be in German and English, respectively, she said.

Botezatu advised Android users to unsubscribe immediately by sending a SMS message to the number in the "Terms and Conditions" section of the website.

She also suggested that the user "uninstall immediately the apps you downloaded recently." – KDM, GMA News

source: gmanetwork.com