Level 75
Jun 9, 2013
Operating System
Windows 10
A scareware campaign has been uncovered that pushes a ‘free’ VPN app called MyMobileSecure to iOS users via rogue ads on popular torrent sites. The VPN app itself appears to be real—but researchers say its privacy policies are dubious, at best.

The first interesting thing is the malvertising campaign that’s pushing the app. When using iPhone to visit certain sites, a pop-up page plays an ear-piercing beeping sound and claims the device is infected with viruses.

According to Malwarebytes Labs, the verbiage is almost hysterical: “We have detected that your Mobile Safari is (45.4%) DAMAGED by BROWSER TROJAN VIRUSES picked up while surfing recent corrupted sites.”

Clicking the pop-up takes a person to a fake website advertising the MyMobileSecure VPN, which, it says, will remove “infected applications and files”. Tapping on ‘Remove Virus’ button opens up the App Store to download the app.

“Such alerts on mobile devices are not new and sadly commonplace via may ad networks these days,” said Malwarebytes researcher Jérôme Segura, in a blog. “Usually, aggressive affiliates remunerated per lead will use these kinds of tactics to drive traffic to game apps or even tech support scams.”

From there it gets dicier. In order to activate the free VPN app, users must join the MobileXpression research community. Doing so is the legal equivalent of “opting in” to the company’s privacy policy, which notes that it will be collecting all kinds of information about the user.

Full Article. Scareware/Malvertising Campaign Targets iPhones