09-10-2013 01:57 PM
Android malware is following in the footsteps of Windows malware with attackers adopting some of the same distribution and monetization techniques despite the major differences between the platforms.
The latest development is a mass email spam campaign being used to distribute Android scareware -- applications that use scare tactics to trick users into paying for worthless services. Researchers from security vendor FireEye identified one such campaign that was launched on Sept. 6 and is still ongoing.
The rogue emails use themes like failed package delivery notifications from USPS or electronic wedding invitations that have long been used in phishing emails to spread Windows malware.
The emails contain links that lead to websites serving an Android package (APK) file called LabelReader.apk. This APK installs a known Android scareware application called FakeDefender that masquerades as a commercial Android security product.
"The malware deceives users into paying for cleanup of other non-existent infections on their device," said Vinay Pidathala, a senior security researcher at FireEye, Tuesday in a blog post. "In addition to displaying fake messages of infection, the APK also has the functionality to intercept incoming and outgoing phone calls as well as messages."