Ainun Najib

DATA MANAGEMENT

Revolution rules

Subscribe to Security Newsletter

industry solutions

VIRTUAL PRESS OFFICESTM
(011) 807 3294   itnews@itweb.co.za | Advertise on ITWeb   Tue, 02 Sep, 19:28:28 PM
You are here Home In Depth Industry solutions

Android malware targets Instagram

Cyber criminals are using popular mobile applications to trick users into downloading malicious files.

Cashing in on the hype surrounding popular photo-sharing application Instagram, a number of fake versions of the app are doing the rounds online.

Senior technology consultant for Sophos, Graham Cluley, says: “Naturally, the Facebook acquisition news raised Instagram to even higher levels of public awareness and that's where the bad guys stepped in. Cyber criminals have created fake versions of the Instagram Android app, designed to earn money from unsuspecting users.”

Cluley says if users download the Instagram app from anywhere other than the official Google Play store, or directly from the Instagram Web site, they are running the risk of infecting their smartphones with malware.

One example is a Russian Web site that mimics the look of the Instagram site, and offers users a free download.

“In our tests, the app didn't do a very good job of emulating the genuine Instagram app, but that may be because it failed to find the correct network operator. Because this is a malicious app that seems to be relying on the sending of background SMS messages to earn its creators revenue,” says Cluley.

Recently, users looking to download Angry Birds Space were also being targeted. Other popular smartphone apps being used in the scheme are Fruit Ninja, Temple Run and Talking Tom Cat.

Fraud analyst for Trend Labs, Karla Agregado, says: “Both the rogue Instagram and Angry Birds Space are detected as ANDROIDOS_SMSBOXER.A. Based on our initial analysis, the malware will ask users to permit the sending of a query using short numbers to supposedly activate the app. In reality, this malware sends a message to specific numbers. The rogue app also connects to specific sites, to possibly download other files onto the device.

“Users are advised to remain cautious before downloading Android apps, especially those hosted on third-party app stores,” says Agregado.

Enjoyed this story? Subscribe to ITWeb's Security News newsletter.

Our comments policy does not allow anonymous postings. Read the policy here





Company news

 

 

 

 

Bytes IDM specialises in the provision of full Identity Lifecycle Management solutions through an array of hardware devices and software solutions. The IDM divisionprovides industry tailored solutions to both public and private sector organisations that require identity verification solutions when interacting with their clientele. Click here to learn more.

Top news

SECURITY BLOGS

GENERAL BLOGS


27-29
MAY
Security Summit
Sandton Convention Centre

AdWare.Win32.HotBar.dh
Trojan.JS.Popupper.aw
AdWare.Win32.FunWeb.kd
Trojan-Downloader.JS.IstBar.cx
AdWare.Win32.FunWeb.jp
Trojan-Downloader.JS.Agent.fxq
Exploit.HTML.CVE-2010-4452.h
Trojan.JS.Agent.bun
Trojan-Downloader.JS.Iframe.cew
Exploit.JS.CVE-2010-1885.k
ITWeb Cloud Computing Summit
Bridging the gap between customer expectations and vendor promises
16 & 17 September / The Forum, Bryanston
Struggling to manage a mix of cloud providers?
Get the 'Do's' and 'Don'ts' from BT's Gareth James
Click here to book your seat
Jonathan Kropf

Diamond sponsor

Platinum sponsor


Publications

ICT no longer a boys’ club

 

Networking

NETWORKING

Residential fibre


STAY INFORMED!



Sign up for ITWeb's free eNews newsletter today to receive all the day's need-to-know ICT happenings.