Ask any shopper hunting for a knock-off Louis Vuitton bag on New York City’s Canal Street and they’ll tell you: There are good fakes, and there are bad fakes. A new piece of malware that disguises itself as the Skype for Android app would probably not pass muster under the eagle eyes of expert shoppers. This particular malware is called JAVA_SMSSEND.AB, and ZDnet said it is not a very good fake,a s it only runs on older Symbian phones or devices that allow Java MIDlet. Still, it poses a danger.
“The cybercriminals behind this scheme have set up fake websites advertising fake Skype apps. Most of the sites are hosted on Russian domains (.ru) but the fake apps themselves are hosted on Nigerien domains (.ne),” according to the news source. “The reason this is not a good fake is that instead of an .apk file (the expected package file for Android apps), users are served up with a .jar (Java MIDlet). While the app poses as an installer for Skype, what it really does is install a piece of malware. The devil is in the details: in the background, the malicious app sends expensive international text messages to earn its creators revenue.”
To avoid downloading this, ZDnet suggests downloading apps only from the official Google Play store and avoiding random download links.
Another fake version of Skype has found its way into citizen journalists’ phones and devices to spy on them, according to the Electronic Frontier Foundation. This malware, called the “BlackShades Remote Controller,” targets activists and claims to be an important new video. Instead, it can compromise the user’s account and send itself to people in the victim’s address book, making it very hard to stop once it is on a device.
EFF said this particular virus also possesses the ability to execute code on the infected computer or device, and may enable criminals to install further damaging programs on an infected device. The foundation said Syrian activists must be especially careful when downloading any files over the internet, but businesses and individuals everywhere should heed this advice as well, and exercise smart application control.
“As members of the Syrian opposition become more savvy in using encryption, satellite networks, and other tools to evade the Assad regime’s extensive Internet surveillance capabilities, pro-Syrian-government malware campaigns have increased in frequency and sophistication. For Syrian activists, poor security practices can have potentially disastrous consequences,” according to the group.
Do you normally make sure your apps are from a legitimate source before downloading them? Ever gotten a virus on your device? Let us know!