Premium Rate SMS Trojans in Google's Android Market

[Jack]

Premium rate SMS trojans were discovered in Google's Android Market earlier today.

The developer, named "Lagostrod", offered supposed free versions of many popular applications. And while Google has shut down the official market account, sites such as AppBrain still list the downloads.

Based on AppBrain's numbers, Lagostrod's apps were downloaded numerous times.

But that isn't the end of the story, the trojans are still live.

Read more..

 

[MrXidus]

Both DrWeb & Avast blocked it on my Android. Was curious to see and glad.

 

[Jack]

Both DrWeb & Avast blocked it on my Android. Was curious to see and glad.

Would've been interesting to see what permissions would this apps have requested.... could have bet on something like this :

 

[McLovin]

Blocked it on my Android when using Dr. Webs like MrXidus, so that's good to see it blocked.

 

[ranget]

mmm those android Phone are kind of Dangerous To have

 

[Jack]

mmm those android Phone are kind of Dangerous To have

I can tell you that now , while your using your Windows PC you have 1000% more chances of getting infected than while using an Android OS in a responsible way...
The entry point of Android malware are malicious apps from the Android Market ... If you just do a little research before installing any random app or actually reading the permission that the application needs before allowing it than you have 0% chances of getting infected.
At this point I do think that the risk of an infection is greatly exaggerated so that some companies can sell their security products....
With that said , Google should really get more involved here and check the apps before allowing them into it's Market... because the vast majority of the users won't even take 1 minute to check the apps,if they see the word FREE next to Assassin Creed or NFS.

 

[HeffeD]

because the vast majority of the users won't even take 1 minute to check the apps,if they see the word FREE next to Assassin Creed or NFS.

Of course, the same applies to computer users as well.

The word FREE tends to short circuit the common sense portion of the brains of an astonishingly large number of the population. :s

This is why phising and other social engineering scams are so prevalent.

 

[Jack]

Trend Micro has posted a very good article called : Checking the Legitimacy of Android Apps , definitely a recommended read for all those who are using a Android OS.

Checking the Legitimacy of Android Apps

The Android Market was once again infiltrated by malware, as a handful of premium service abusers (which we detect as ANDROIDOS_RUFRAUD.A) posed as legitimate apps were uploaded to the site. A few users were able to install the malicious apps before Google took them down– a fast reaction due to the quick responses from vigilant users and security firms.

Although the malicious apps are now off the Android Market, we must all be consistently on guard for malicious apps that may be able to find their way there in the future. Especially with Android offering their 10-cent sale to celebrate their 10 billion downloads, users are more likely to install offered apps to take advantage of the apps’ low cost.

To help users keep their Android device malware-free as they load them with more cool apps, in this post we will point out some key items to keep in mind before installing apps:

Be familiar with the developer/s behind popular apps

Cybercriminals regularly leverage certain apps’ popularity and attempt to do so by imitating the popular apps. But since they can not pose as the original developers, the developer’s name can be a good indicator for legitimacy. For example, the real Android Market page for the game Angry Birds shows that it was developed by Rovio Mobile, while the malicious one was developed by a user named Logastrod:

Users can also check the developer’s profile for other apps. Google also offers developer ratings, as well as the status “Editor’s Choice” that can further validate the developer’s legitimacy.

Read more>>

 

[McLovin]

I have Angry Birds installed on mine and the one installed was the one with the most positive feedback. I bet this also happens on the iOS market as well.