Symantec has discovered a new variant of Android.Opfake that directs Android device owners to install fake apps for a fee; these apps are actually available for free on the Google Play store. The apps in question are hosted on dedicated sites as well as fake app markets.
Android malware is on the rise. There have been many fake versions of Android apps (see links below) that try to cash in by sending expensive SMS messages. This variant is different: it generates money only when users try to get more apps.
The first two screenshots show what happens after you download, install, and open the app. It looks as if a second installation runs. When this fake installation completes, you are asked to confirm an agreement and continue by clicking a button. The agreement is actually a link at the bottom of the screen in the screenshot. If you read it, you'll find that you are being charged for using the app.
It's difficult to notice this, but that's the whole point. Cyber criminals are trying to trick users in order to take their money.
You are then prompted to open a website, as seen in the third screenshot. This site gives you a list of fake apps to install. Curiously, the first one simply takes you to the Google Play page for the app you already installed, which shows that the app in question is actually free.
Please only install apps from Google Play unless you are absolutely certain who wrote the software you want to install. Fighting malware isn't just the responsibility of security firms: you also have to be smart about what you install.
- Android malware families nearly quadruple from 2011 to 2012
- A first: Hacked sites with Android drive-by download malware
- Warning: Fake Biophilla app on Android is malware
- Warning: Fake Instagram app on Android is malware
- Malicious version of Angry Birds Space spotted in the wild
- Researchers spot a fake version of Temple Run on Android's Market