Broadcasting

BROADCASTING

Migration woes

Subscribe to Security Newsletter

VIRTUAL PRESS OFFICESTM
(011) 807 3294   itnews@itweb.co.za | Advertise on ITWeb   Thu, 02 Oct, 10:31:00 AM
You are here Home

Android malware targets Instagram

Cyber criminals are using popular mobile applications to trick users into downloading malicious files.

Cashing in on the hype surrounding popular photo-sharing application Instagram, a number of fake versions of the app are doing the rounds online.

Senior technology consultant for Sophos, Graham Cluley, says: “Naturally, the Facebook acquisition news raised Instagram to even higher levels of public awareness and that's where the bad guys stepped in. Cyber criminals have created fake versions of the Instagram Android app, designed to earn money from unsuspecting users.”

Cluley says if users download the Instagram app from anywhere other than the official Google Play store, or directly from the Instagram Web site, they are running the risk of infecting their smartphones with malware.

One example is a Russian Web site that mimics the look of the Instagram site, and offers users a free download.

“In our tests, the app didn't do a very good job of emulating the genuine Instagram app, but that may be because it failed to find the correct network operator. Because this is a malicious app that seems to be relying on the sending of background SMS messages to earn its creators revenue,” says Cluley.

Recently, users looking to download Angry Birds Space were also being targeted. Other popular smartphone apps being used in the scheme are Fruit Ninja, Temple Run and Talking Tom Cat.

Fraud analyst for Trend Labs, Karla Agregado, says: “Both the rogue Instagram and Angry Birds Space are detected as ANDROIDOS_SMSBOXER.A. Based on our initial analysis, the malware will ask users to permit the sending of a query using short numbers to supposedly activate the app. In reality, this malware sends a message to specific numbers. The rogue app also connects to specific sites, to possibly download other files onto the device.

“Users are advised to remain cautious before downloading Android apps, especially those hosted on third-party app stores,” says Agregado.

Enjoyed this story? Subscribe to ITWeb's Security News newsletter.

Our comments policy does not allow anonymous postings. Read the policy here





Company news

 

 

 

 

Bytes IDM specialises in the provision of full Identity Lifecycle Management solutions through an array of hardware devices and software solutions. The IDM divisionprovides industry tailored solutions to both public and private sector organisations that require identity verification solutions when interacting with their clientele. Click here to learn more.

Top news

SECURITY BLOGS

GENERAL BLOGS


27-29
MAY
Security Summit
Sandton Convention Centre

AdWare.Win32.HotBar.dh
Trojan.JS.Popupper.aw
AdWare.Win32.FunWeb.kd
Trojan-Downloader.JS.IstBar.cx
AdWare.Win32.FunWeb.jp
Trojan-Downloader.JS.Agent.fxq
Exploit.HTML.CVE-2010-4452.h
Trojan.JS.Agent.bun
Trojan-Downloader.JS.Iframe.cew
Exploit.JS.CVE-2010-1885.k
IITPSA President's Awards 2014
6 November 2014 / Montecasino, Fourways
Join us in celebrating the ICT industry's top achievers
IT Personality of the Year 2014
Recognises a person who has made an outstanding impact on the SA ICT industry and a significant contribution to the IT profession.
Previous winners:
Barry Dwolatzky Mteto Nyati
Rob Stokes Asher Bohbot
Click here for information on the awards
Join us at this exclusive business breakfast

Event Sponsor

Gold Sponsor

Publications

ICT no longer a boys’ club

 

Internet

INTERNET

Tipping point


STAY INFORMED!



Sign up for ITWeb's free eNews newsletter today to receive all the day's need-to-know ICT happenings.