Android Fans

Malware Creators are Targeting Android with Bogus Apps published as AV Software

It had to happen sooner rather than later. There are now almost 5 times as many mobile connected devices, as there are desktop PCs, and the volume of mobile traffic is doubling every year. By 2016, it is expected that there will be more mobile-enabled devices, than there are people on the earth.

The explosive growth has attracted the attention of the criminal element, who are now turning much of their attention to the mobile space.

One of the ingenious methods that are being used to perpetrate crime in the mobile space, is by creating apps published as Anti-virus software for the Google Android platform. The method is ingenious while being  extremely insidious, because it targets the top 3 strategic areas of interest the mobile space.

  • We appear to have an satiable appetite for apps. At last count, almost one million apps each are now available  for both Android and iOS  platforms.
  • The Android platform appears ready to take over the lead as the most used operating system in the mobile arena.
  • Consumers may be overly eager to protect themselves from hazards and threats on the web, and to the unsuspecting, downloading and installing AV software appears to be the correct thing to do.

The scheme involves advertisements, which are actually embedded in some apps in Google Play. The ads displayed, prompt users to scan their mobile device for malware, and subsequently directs them to download and install a bogus AV application.

Using ads to entice users to download malware, has been one of the methods that criminals have used to  distribute malware for quite a long time. They now include the ever-expanding popularity of the Android platform, as a relatively inexpensive and highly efficient method to reach a much larger audience. The potential  for creating even more damage is now enhanced by offering free scans to detect viruses.

Fakealert Malware on Android Platform

The  misrepresented virus is actually a trojan that belongs to the family of Android, Fakealert malware. When a user clicks in the ad, they are then directed to site where the fake AV software can be downloaded. On wiki, this type of malware are refers to as Rogue Security Software because they act as a security tool, but they aren’t one.Here's the Fakealert malware on android prevention methods

After installation, of the app, which has since been identified as Android.Fakealert.4.origin, the user is notified that threats have been detected on their device, and in order to remove them, they must purchase a full version of the AV application. The fake AV program is also able to display messages as notifications that tell the user that a serious threat has been detected.

Android.Fakealerts were actually discovered in October of 2012, as the creators offered them as functional AV applications that were able to detect impending and existing threats. In order to eliminate the threats, users were then required to pay additional licensing fees. This technique has been used extensively in the desktop PC arena, and the same method is now being applied in the mobile space.

Apps are used offer conveniences, but they can also be used to misrepresent, and can be particularly insidious with some very clever coding techniques, that embed trojans  in your device and submit  your information to other locations. Some apps can be built to gain access to your internal file architecture using a reverse proxy.

There a few recommended practices that should be used to deter the spread of mobile malware. Although many of the practices can stem from simple common sense, they are often neglected.

Mobile users should exercise extreme care when using unfamiliar wireless networks, or public hotspots. The mobile space is not yet as hardened as the desktop area. Instead of immediately logging in at your favourite coffee shop, or airport lounge, you should try to limit your exposure to lurkers , who may be spying and snarfing your information without your knowledge.

David Mayor is a regular contributor to TechAtLast and her site that offer bitdefender promos. After investigating different applications he also continues to recommend ESET discount. You can find him at