Android malware spreads via Facebook app

Facebook app used to circumvent Google's 'Bouncer' Android Market scanner.

Updated 2/27/12: It seems it didn't take the bad guys long to find a way around Google's 'Bouncer' security scanner for the Android Market. Security firm Sophos has discovered new malware that, rather than being uploaded to the Android Market, spreads via the Facebook app.

Security researcher Vanja Svajcer explains how it works:

A few days ago I received a Facebook friend request and, as is usual, used my Android smartphone to check out the details of the person before I decided whether I wanted to become "friends" or not.

As the following video demonstrates, a link on the user's Facebook profile redirected my browser to a webpage that downloaded malware automatically onto my Android phone.

The malware package is called any_name.apk and is yet another dialer that calls premium rate numbers without the handset owner's consent. This is a popular trick used by those writing malware for mobile devices because it's an easy way to siphon money from the victim to the bad guys.

Sophos detect the rogue application as Andr/Opfake-C.

Updated editor's note: Although the download is initiated automatically, a Google spokesperson noted that the malware app will not be installed unless the user initiates that install action.