Email spam campaign distributes Android scareware
When it comes to Android , there is always a reason for intrusions and malware because Android is open-source and is vulnerable to many threats. Android malware is following in the footsteps of Windows malware as reported with attackers adopting some of the same distribution and commercial ( money gain ) techniques despite the major differences between the two wide platforms. Just recently , Rogue Android Skype app is open to a premium SMS fraud.
The latest development in this context is a mass email spam campaign being used to distribute Android scareware which are regarded and known as applications that use scare tactics to trick users into paying for services that have no much value. A few researchers from FireEye spotted and identified one such campaign that was launched on 6th September 2013 and is still live and going with full swing. Here’s the trick that is used – the rogue emails use themes like failed package delivery notifications from USPS or electronic wedding invitations that have long been used in phishing emails to spread Windows malware.
According to the blog-post on Tuesday , Vinay Pidathala ( Senior Security Researcher at FireEye ) says ;
The malware deceives all users to pay for cleanup of other non-existent infections on their device and in addition to display fake messages of infection, the (.apk) also has the functionality to intercept incoming and outgoing phone calls as well as messages. With advantage of the emails , distribution of Android malware is not a new technique, but it is not a common one at the same time .Using emails to distribute Android malware is not a new technique, but it is not a common one either. 80 out of 100 Android malware is still distributed through third-party app stores or Google Play Store at times.
On the same day , via email Bogdan Botezatu ( Senior e-threat Analyst at Bitdefender ) said ;
Spammed malware for Android is becoming more and more popular with cyber-criminals, because they can target more devices at once. Third wave of spam is already existing which is leading to Android malware this year and we presume that cyber-criminals are still just running vigorous tests to see how well their threats perform before taking the business to the next level so that they do not end up in any issue.