Multi-platform attack site discovered via fake Lookout Android app
Posted on 19.10.2012
Researchers from security firm TrustGo have recently spotted on Google Play a bogus app that supposedly automatizes the updating of a batch of other apps.

What piqued their interest was the fact that, once installed, the app could not be found in the Application List, but only in the Downloaded app list, and sporting the logo of the mobile security firm Lookout:



Further analysis of its behavior established that the app is capable of harvesting data (SMS and MMS messages, images and videos) from the Android device on which it is installed and send it to a remote server located in the U.S.

The researchers managed to access the server and have discovered messages and videos stolen from a number of users already, as well the fact that it hosts a malicious website that is capable of dropping malware on the visitors' machines.

"The Android malware found on Google Play is just a part of the attack," the researchers warn. "The malicious website is targeting multiple platforms including Windows, Mac and Unix/Linux operating systems. It will drop different Trojan files depending on the userís operating system."

Lookout piped up to say that the fake app is in no way related to the company or the Lookout mobile security application. "Although the app does contain a Lookout branded asset, it was not primarily branded as a Lookout-specific update. The only way that a user could confuse the application with Lookout is after installation," they wrote.

After the researchers notified Google, the app has been removed from Google Play, but there is no news on whether the malicious website and the server have been shut down.






Spotlight

Android Fake ID bug allows malware to impersonate trusted apps

Posted on 29 July 2014.  |  Bluebox Security researchers unearthed a critical Android vulnerability which can be used by malicious applications to impersonate specially recognized trusted apps - and get all the privileges they have - without the user being none the wiser.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Tue, Jul 29th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //