According to Lookout, a number of incarnations of a particular threat dubbed "RuFraud" have been found on the official Android Market posing as legitimate apps. Some were horoscope and popular-movies-wallpaper apps, other posed as downloaders for popular games, but behind the facade they were all the same.
"The initial application activity presents the user with a single option to continue, which is presumed to be an agreement to premium charges that are buried within layers of less than clear links," explains Lookout, and adds that while users in a number of Western and Eastern European countries, as well as in Israel, Kazakhstan, Kyrgyzstan, Tajikistan, Azerbaijan and Armenia could be affected, North American users are safe since the "fraudulent SMS code is gated on the user’s country."
Google has been notified about the malicious apps and has promptly removed them from the Android Market. Unfortunately, it took only a day for more of these apps to appear again. Masqueraded as free versions of popular games, this time they were downloaded over 14,000 times in total before being pulled.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.