Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Android Google Technology

Fake Antivirus Scams Spread To Android 236

SharkLaser writes "Fake antivirus scams have plagued Windows and Mac OS X during the last couple of years. Now it seems like such scams have spread to Android. Fake antivirus scams on Android work the same as they do on PC's — a user with an Android phone downloads an application or visits a website that says that the user's device is infected with malware. It will then show a fake scan of the system and return hard-coded 'positives' and gives the option the option to buy antivirus software that will 'remove' the malware on the affected system. Android, which is based on Linux, has been plagued with malware earlier too. According to McAfee, almost all new mobile malware now targets Android. Android app stores, including the official one from Google, has also been hosting hundreds of trojan applications that send premium rate SMSes on behalf of unsuspecting users."
This discussion has been archived. No new comments can be posted.

Fake Antivirus Scams Spread To Android

Comments Filter:
  • by 0100010001010011 ( 652467 ) on Sunday January 01, 2012 @06:09PM (#38558684)

    Damn, man, if you'd bothered to run Linux/FLOSS all this time, you could have just fscking ignored the whole malware situation entirely.

    You mean like Android? No matter what the adoption rate of Linux or even OpenBSD, you're still going to have dumb users. When you need 'sudo' to install a new app. That same command can be used to install anything.

  • by chrb ( 1083577 ) on Sunday January 01, 2012 @06:18PM (#38558742)

    When you need 'sudo' to install a new app.

    You don't. There have been GUI application installers on Linux for over a decade.

  • Re:Couple of years? (Score:5, Informative)

    by stephanruby ( 542433 ) on Sunday January 01, 2012 @06:38PM (#38558854)

    McAfee should know, it's one of them too.

    Their free trial virus scanner does the same thing, it's just slightly more subtle about it. I appreciate the fact that it helps clean up cookies, and I hate ad-network cookies as much as the next guy, but labeling each ad-network cookie as a separate infection is only designed to oversell what it does, and alarm non-technical users into ponying up more money for their over-priced software.

    And eventually, their software behaves just like most malware anyway. It nags you every year for you to pay to resubscribe. It continually runs in the background slowing down your computer in everything it tries to do. And it ends up stealing a good portion of screen real estate away from a non-sophisticated user, who usually doesn't know how to remove it from his/her internet browser.

    Not to mention that on a mobile device, it will also suck the battery dry.

  • Re:Walled gardens.. (Score:5, Informative)

    by shellbeach ( 610559 ) on Sunday January 01, 2012 @07:52PM (#38559416)

    So how does one know? All of this pontificating about dumb or lazy users doesn't really help. How do I distinguish a download of Uno, for example, that has embedded malware from one that doesn't?

    One word: permissions. When you install an app on Android, you will be prompted with the permissions the app is requesting, and asked if you want to install it. You, the user, have a very good breakdown of exactly what an app can do before it gets installed. And for sending SMSes, it's extremely clear -- the permission is described first as "Services that cost you money" and will then list that it can send SMS messages. It should be obvious that Uno has no need to be sending SMSes on your behalf.

    So anyone who gets burnt by these schemes would have to (a) search for a dodgy "free" version of a popular paid app and (b) install it even when there was a warning that it was going to potentially send costly SMSes. I know there are suckers born every minute, but you'd have to be a really, really cheap and stupid one to get hit by this.

    Of course, potentially Google should have predicted this and included an "Allow always/allow once/reject" prompt the first time a third-party app attempts to make a phone call or send an SMS. It's probably not a bad idea ...

  • Re:Walled gardens.. (Score:5, Informative)

    by chrb ( 1083577 ) on Sunday January 01, 2012 @10:09PM (#38560178)

    the iOS App Store and KNOW all that stuff has already been done for me

    Malicious app penetrates iTunes store to test security [bbc.co.uk] Miller's malware was on the Apple app store for over 2 months, so clearly the Apple store is vulnerable to the same sort of shenanigans as the Android market.

    Apple has never had to exercise its "Kill Switch" option for an App already in the Wild

    From the BBC article: "Apple declined to comment. It also removed the app and barred the developer from its store."

To avoid criticism, do nothing, say nothing, be nothing. -- Elbert Hubbard