New malicious Android app is spreading through Facebook, do not click every random link you see

You know how you are always cautioned about clicking on any and all links you see? The reason behind this is you simply don’t know what may be behind the URL, and by the time you find it out it may be too late. Although this (good) advice is typically reserved for traditional computing, you should follow the advice while on mobile devices, too. If you don’t, bad things may happen — like the following.

Vanja Svajcer of Sophos, a security firm that offer anti-malware security products, received a friend invite on Facebook. Wanting to check out this “friend” before accepting the invite, Svajcer visited the person’s profile using the Facebook app on his Android phone. Although he should have known better, Svajcer clicked on the link listed as the person’s “website”. Upon clicking the the link, Svajcer’s browser was redirected multiple times and eventually ending up downloading “any_name.apk”.

After inspecting “any_name.apk”, Svajcer determined it is one of those send-messages-to-premium-numbers-to-steal-money malware apps. The malicious app doesn’t appear to be very sophisticated in nature; it doesn’t appear to exploit any Android vulnerabilities but rather is using social engineering as the attack vector. To be infected by this malicious app, one would have to manually install it (known as sideloading) — the app doesn’t install itself: the APK installer downloaded onto Svajcer’s device but it was up to Svajcer to install the app or not. Of course, Svajcer didn’t install the app so he wasn’t infected but other not-so-technically-inclined people might if the app is ever downloaded on their devices. So, the moral of the story? Don’t click random links, especially on Facebook. And read dotTech’s advice on how to stay safe on Android.

[via Sophos]

Related Posts