Android scareware delivered via spoofed email notices
Posted on 11.09.2013
A spam campaign targeting Android and PC users simultaneously has been recently spotted by FireEye researchers.

The attacks starts with spoofed emails made to look like a wedding invitation or a "failed delivery" USPS notification.

If the user checks out the email via a PC and follows any of the offered links, he is served with a malicious zip file called Wedding_Invitation_Chicago.zip. Once run, it installs a variant of the Kuluoz downloader Trojan.

If, on the other hand, an Android user clicks on the link, he will be served the LabelReader.apk file, which contains the Mobile Defender android scareware - tested and described earlier this year by Sophos' Paul Ducklin.

The fake AV solution tries to make the victim believe that his phone is infected with a host of malware, and offers to clean it up if the user is willing to pay for a full version.

"In addition to displaying fake messages of infection, the APK also has the functionality to intercept incoming and outgoing phone calls as well as messages," says FireEye's Vinay Pidathala, and adds that it can also end incoming calls.

Users who have not enabled the “Allow installation of apps from Unknown Sources” setting on their Android devices (it comes disabled by default) are safe from these types of attacks and need to worry only about malicious apps offered on Google Play.

Those who have enabled it might want to consider using a legitimate Android AV solution, because attacks like this are bound to continue for some time. Or, they could always revert the setting to the safer mode.









Spotlight

Infographic: 25 years of the firewall

Posted on 24 July 2014.  |  The firewall turned 25, and McAfee is celebrating with an infographic that creatively depicts its lifetime. If you take a moment to scan the infographic, you’ll notice the firewall's introduction and evolution coincide with certain security events.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Jul 25th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //