Android malware tricks users into thinking it is Skype

Android malware tricks users into thinking it is Skype

Look out for fake, harmful versions of Skype.

Ask any shopper hunting for a knock-off Louis Vuitton bag on New York City’s Canal Street and they’ll tell you: There are good fakes, and there are bad fakes. A new piece of malware that disguises itself as the Skype for Android app would probably not pass muster under the eagle eyes of expert shoppers. This particular malware is called JAVA_SMSSEND.AB, and ZDnet said it is not a very good fake,a s it only runs on older Symbian phones or devices that allow Java MIDlet. Still, it poses a danger.

“The cybercriminals behind this scheme have set up fake websites advertising fake Skype apps. Most of the sites are hosted on Russian domains (.ru) but the fake apps themselves are hosted on Nigerien domains (.ne),” according to the news source. “The reason this is not a good fake is that instead of an .apk file (the expected package file for Android apps), users are served up with a .jar (Java MIDlet). While the app poses as an installer for Skype, what it really does is install a piece of malware. The devil is in the details: in the background, the malicious app sends expensive international text messages to earn its creators revenue.”

To avoid downloading this, ZDnet suggests downloading apps only from the official Google Play store and avoiding random download links.

Another fake version of Skype has found its way into citizen journalists’ phones and devices to spy on them, according to the Electronic Frontier Foundation. This malware, called the “BlackShades Remote Controller,” targets activists and claims to be an important new video. Instead, it can compromise the user’s account and send itself to people in the victim’s address book, making it very hard to stop once it is on a device.

EFF said this particular virus also possesses the ability to execute code on the infected computer or device, and may enable criminals to install further damaging programs on an infected device. The foundation said Syrian activists must be especially careful when downloading any files over the internet, but businesses and individuals everywhere should heed this advice as well, and exercise smart application control.

“As members of the Syrian opposition become more savvy in using encryption, satellite networks, and other tools to evade the Assad regime’s extensive Internet surveillance capabilities, pro-Syrian-government malware campaigns have increased in frequency and sophistication. For Syrian activists, poor security practices can have potentially disastrous consequences,” according to the group.

Do you normally make sure your apps are from a legitimate source before downloading them? Ever gotten a virus on your device? Let us know!

About The Author

Matt Williams

A self-proclaimed ‘tech geek’, Matt has worked in technology for a decade and divides his time between blogging and working in IT. A huge New York Giants fan, expert on Reboot Restore Technology when not watching football Matt gets his game on playing Call of Duty with his friends and other tech bloggers.

Sign Up For A 30-Day Trial


Deep Freeze Enterprise

Centralized deployment and management as well as a host of configuration options for the Enterprise.

  • This field is for validation purposes and should be left unchanged.

Ready to find out more about Faronics? Let us know how to reach you.

We're here to help you in any way possible.