New Mobile Malware Resistant To Most Antivirus Apps

Android smartphone with Google Play

The way smartphones are used is changing. More users are willing to surf the web, and even make purchases with their phones than ever before. Unfortunately, this means that it’s more profitable than ever to launch malware attacks against these devices. At Dark Reading, Kelly Jackson Higgins explains one of the latest threats against Android users and how it could compromise users’ bank accounts.

The attack begins with a fake Google Play store app icon appearing on your device. If you look closely, this fake icon is easy to spot. It’s titled “Googl App Stoy”. This would be a dead giveaway that it’s a fake, but many users fail to look past the official looking logo.

It’s unclear how exactly the malware infects Android devices, but it’s likely done through a malicious app that’s either infiltrated the official Play store or the user downloaded from an unverified location.

The malware lay larges dormant on a device until the fake Play store app is clicked. At that point, it is activated and able to steal banking website log in information, as well as text messages.

What makes this malware particularly dangerous is how difficult it is to get rid of. Only three out of 51 antiviruses tested were able to detect its presence. That’s led to about 200 reported victims over the past 30 days. Complicating matters even further is the app’s supposed ‘Uninstall’ feature. While using ‘Uninstall’ seems to remove the app icon, it reappears and the malware continues to run when the device is restarted.

So far, this attack has only targeted Korean users, but that suggests that users in the US could be targeted soon by this or similar malware.

If your device is infected with malware, or you’d like to find out how to protect yourself better, call Geek Rescue at 918-369-4335.

 

June 19th, 2014