Android scareware delivered via spoofed email notices
Posted on 11.09.2013
A spam campaign targeting Android and PC users simultaneously has been recently spotted by FireEye researchers.

The attacks starts with spoofed emails made to look like a wedding invitation or a "failed delivery" USPS notification.

If the user checks out the email via a PC and follows any of the offered links, he is served with a malicious zip file called Wedding_Invitation_Chicago.zip. Once run, it installs a variant of the Kuluoz downloader Trojan.

If, on the other hand, an Android user clicks on the link, he will be served the LabelReader.apk file, which contains the Mobile Defender android scareware - tested and described earlier this year by Sophos' Paul Ducklin.

The fake AV solution tries to make the victim believe that his phone is infected with a host of malware, and offers to clean it up if the user is willing to pay for a full version.

"In addition to displaying fake messages of infection, the APK also has the functionality to intercept incoming and outgoing phone calls as well as messages," says FireEye's Vinay Pidathala, and adds that it can also end incoming calls.

Users who have not enabled the “Allow installation of apps from Unknown Sources” setting on their Android devices (it comes disabled by default) are safe from these types of attacks and need to worry only about malicious apps offered on Google Play.

Those who have enabled it might want to consider using a legitimate Android AV solution, because attacks like this are bound to continue for some time. Or, they could always revert the setting to the safer mode.









Spotlight

Bash Shellshock bug: More attacks, more patches

Posted on 29 September 2014.  |  As vendors scramble to issue patches for the GNU Bash Shellshock bug and companies rush to implement them, attackers around the world are probing systems for the hole it opens.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Tue, Sep 30th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //