Android malware spread via Face book If you’re with Face book on your Android Smartphone, you ought to be now as cautious clicking on links as you would (hopefully) be on a desktop computer. A few days ago I conventional a Face book friend request and, as is usual, used my Android smart phone to make sure out the particulars of the person before I determined whether I required to become “friends” or not.
As the subsequent video demonstrates, a link on the user’s Face book profile redirects my browser to a webpage that downloaded malware automatically onto my Android phone.
(Enjoy this video? create sure out more on the SophosLabs YouTube channel.)
The malware wrap up was called any_name.apk, and appear to have been intended to earn money for fraudsters through best rate phone services. Alarm bells absolutely rang when I notice the app was using a class name which attempt to connect it with the lawful Opera browser app:
An encrypted configuration file within the package include the dialling codes for all support countries (for instance, the UK is in there) and the best rate number and text of the SMS message which it intends to send. Although the app makes pretence of informing you what it tactics to do when you first run the program, it is being pushy in the great by installing itself without your permission.
What’s still more doubtful is that when I revisted the url on my Android smart phone a a small number of days later, I was redirect to another website which downloaded a dissimilar app (allnew.apk) which had the same functionality as the previous example, but was non-identical on a binary level.