Users of Android devices may have to think twice
about the antivirus app they want to download and use
—it could be malware in disguise.
The newest malware disguised as an antivirus, dubbed VirusShield, was discovered this week, security vendor Trend Micro said.
"Virus Shield first became available on Google Play March 28. It cost US$3.99 and our analysis shows it was bought and downloaded more than 10,000 times. In fact, this malicious app became the No. 1 new ρáíd app in just over a week," it said in a blog post.
It said its analysis showed the app would change the image from an “X” to a checkmark image after a simple tap, and uses social engineering descriptions in the apps store to convince people it is legitimate.
Also, it noted the app claims to have a 4.7-star rating and more than 2,500 Google Plus “recommendations.” It was also posted as a social mobile app rather than a security app.
"Based on the 70/30 revenue split rule on Google Play, we estimate the developer of this app actually collected more than US$25,000 in less than 10 days," it said.
Trend Micro also said that while the app was removed from Google Play by Google on April 6, it is "still out there and attackers will likely post it to other online stores or sell it for direct download."
Malware problem
Trend Micro noted Android malware and high risk apps have already reached the two-million mark from October 2013 to March 26 this year.
In the first three months of 2014, it said it found more than 500,000 new instances of Android malware and high risk apps globally.
Future threat
Trend Micro warned that while the present fake AV does little harm other than fooling the user into paying for it, "it’s only a matter of time before great, more malicious FakeAV threats come to Android."
SOURCE: GMA NEWS NETWORK
about the antivirus app they want to download and use
—it could be malware in disguise.
The newest malware disguised as an antivirus, dubbed VirusShield, was discovered this week, security vendor Trend Micro said.
"Virus Shield first became available on Google Play March 28. It cost US$3.99 and our analysis shows it was bought and downloaded more than 10,000 times. In fact, this malicious app became the No. 1 new ρáíd app in just over a week," it said in a blog post.
It said its analysis showed the app would change the image from an “X” to a checkmark image after a simple tap, and uses social engineering descriptions in the apps store to convince people it is legitimate.
Also, it noted the app claims to have a 4.7-star rating and more than 2,500 Google Plus “recommendations.” It was also posted as a social mobile app rather than a security app.
"Based on the 70/30 revenue split rule on Google Play, we estimate the developer of this app actually collected more than US$25,000 in less than 10 days," it said.
Trend Micro also said that while the app was removed from Google Play by Google on April 6, it is "still out there and attackers will likely post it to other online stores or sell it for direct download."
Malware problem
Trend Micro noted Android malware and high risk apps have already reached the two-million mark from October 2013 to March 26 this year.
In the first three months of 2014, it said it found more than 500,000 new instances of Android malware and high risk apps globally.
Future threat
Trend Micro warned that while the present fake AV does little harm other than fooling the user into paying for it, "it’s only a matter of time before great, more malicious FakeAV threats come to Android."
SOURCE: GMA NEWS NETWORK
Attachments
-
You do not have permission to view the full content of this post. Log in or register now.