Shady Android AV pushed onto unsuspecting users
Posted on 16.12.2013
A deceptive advertising campaign pushing a shady antivirus solution is actively targeting Android users, warns Malwarebytes' Armando Orozco.

The pop-ups are triggered when mobile users visit certain sites - Orozco doesn't say which ones, but says that they aren’t ones they would expect to see malware on - and the warning is clear: an Android virus has been detected.

Users who have been spooked enough to press the offered "Remove Virus" are redirected to mobile.alert.secure-intl.com, where they face another pop-up and are given the name of the malware:


They are then offered to install a “Free Antivirus Security Android app" - Android Armor, a inferior AV solution that has been around for quite a while and uses the results of popular free malware-checking service VirusTotal to "detect" malware.

The problem with Android Armor is that it effectively offers lousy protection. It also bills itself as a free solution, but will continue to push users to buy the full version, which is also not effective enough to justify the price tag.

Technically, this isn't a malicious app, but it can do a lot of damage indirectly, as users lose money and gain a false sense of security.

"We’re accustomed to seeing these [advertising] practices with malware, but this isn’t standard practice for legitimate software.This could be a case of an overzealous advertiser who gets paid each time the app is installed," Orozco points out. "We’ve reached out to Android Armor to see if they are aware of the practices and have not heard back."

He advises to users not to install any app delivered via pop-up, spam, or phishing link. "If an app seems interesting, don’t install at that time, search it out and find a reputable place to install—providing you find it’s legitimate," he concludes.









Spotlight

(IN)SECURE Magazine issue 43 released!

Posted on 16 September 2014.  |  (IN)SECURE Magazine is a free digital security publication discussing some of the hottest information security topics. This issue covers web application security, mobile hacking, certification, Black Hat, and much more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Wed, Sep 17th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //