Fake mobile AV apps offered on Google Play
Posted on 10.05.2012
Downloading apps from Google Play, the official online Android app market, is not without its dangers.

Even though Google has been scanning the offered apps for malware by using "Bouncer" - an automated app scanning service that should, in theory, detect malicious software and developers who keep offering it - there are still instances where they aren't booted out of the market soon enough.

Security researchers from AegisLab have recently discovered over 15 fake AV and "free SMS" apps being offered by the same developer ("thasnimola") that has been flagged for selling fake NQ Mobile apps in April.

According to them, the developer uses the Appsgeyser webkit to automatically generate fake apps, and he continues offering them on Google Play.

When users try to download the app, they are redirected to the developers' "official" site, and the researchers are still not clear on whether the offered apps are malicious, or just a way of luring users to this particular site.

The apps may be free of charge and simply not work as advertised, but the are still bad news as users who have installed them might believe they are protected when they are not.


MagSpoof: A device that spoofs credit cards, disables chip-and-PIN protection

The device can wirelessly spoof credit cards/magstripes, disable chip-and-PIN protection, and predict the credit card number and expiration date of Amex cards after they have reported stolen or lost.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Thu, Nov 26th