Fake Market Serves All-You-Can-Eat Android Malware
Third-party Android markets have traditionally been the main source of infection since the Android boom, as they are less strict than the genuine Play when it comes to bouncing malware. If alternative Android markets have a couple of potentially dangerous applications, today’s catch is an Android market that only serves malware.
Dressed up to perfectly imitate the genuine Google Play, this rogue repository offers no less than 55 distinct applications that are all infected with Android.Trojan.FakeInst.P, a piece of malware that incurs additional costs by sending short messages to premium-rate services.
Unless you’re proficient in Russian, chances are you’ll miss the disclaimer at the bottom of the page that claims the application may send between two and three messages to a multitude of premium-rate numbers. Even if the unwary user knew that, the final sum of money added to the bill is purely arbitrary: the mentioned premium-rate numbers charge between 2 and 10 Euros, or the converted value in the victim’s currency.
As Android devices are gaining ground, cyber-crooks envision new ways to trick users into installing risky applications. If you’re frequently downloading applications from third-party Markets or if you’d like to add an extra layer of protection for your device, we strongly advise that you install a mobile security solution.