Android scareware delivered via spoofed email notices
Posted on 11.09.2013
A spam campaign targeting Android and PC users simultaneously has been recently spotted by FireEye researchers.

The attacks starts with spoofed emails made to look like a wedding invitation or a "failed delivery" USPS notification.

If the user checks out the email via a PC and follows any of the offered links, he is served with a malicious zip file called Wedding_Invitation_Chicago.zip. Once run, it installs a variant of the Kuluoz downloader Trojan.

If, on the other hand, an Android user clicks on the link, he will be served the LabelReader.apk file, which contains the Mobile Defender android scareware - tested and described earlier this year by Sophos' Paul Ducklin.

The fake AV solution tries to make the victim believe that his phone is infected with a host of malware, and offers to clean it up if the user is willing to pay for a full version.

"In addition to displaying fake messages of infection, the APK also has the functionality to intercept incoming and outgoing phone calls as well as messages," says FireEye's Vinay Pidathala, and adds that it can also end incoming calls.

Users who have not enabled the “Allow installation of apps from Unknown Sources” setting on their Android devices (it comes disabled by default) are safe from these types of attacks and need to worry only about malicious apps offered on Google Play.

Those who have enabled it might want to consider using a legitimate Android AV solution, because attacks like this are bound to continue for some time. Or, they could always revert the setting to the safer mode.









Spotlight

The role of the cloud in the modern security architecture

Posted on 31 July 2014.  |  Stephen Pao, General Manager, Security Business at Barracuda Networks, offers advice to CISOs concerned about moving the secure storage of their documents into the cloud and discusses how the cloud shaping the modern security architecture.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Aug 1st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //