Skip to main content

Fake anti-virus appears on Android

Release Date: 17 Jun 2013 4596 Views

On May 2013, a security researcher identified a fake anti-virus on Android system. The fake anti-virus, which alerts the found viruses and Trojans on the mobile device, tricks users into paying money around $40-$100 US dollars to clean up the threats. Of course, the whole scanning process and the infection report are bogus, in order to trick users to pay money.

 

This sort of scam is commonly found on Windows and OS X, but this scareware was discovered on Android. It shows that the scammers have an interest in Android system.

 

This scareware names "Android Defender". It runs a fake scanning process, and reports the system being infected. The truth is that the app just randomly pick several "fake" malware identifies from its preset list.

 

Fig 1) The app shows a fake infection report 

Fig 1) The app shows a fake infection report

 

Afterwards, the app requires you to input an "active code" in order to get the virus definitions update and clean up function. To obtain the "active code", user has to pay.

 

Fig 2) The app requires user to purchase a protection function 

Fig 2) The app requires user to purchase a protection function

 

When user inputs the "active cdoe", the app pretends to update new virus definitions, scan the device again, and report the threats had been eliminated.

 

To be more realistic, the app simulates the update of virus definition once a day. At the same time, it continuously occupys the storage in mobile phone.

 

Fig 3) The app pretends to protect the system of mobile phone 

Fig 3) The app pretends to protect the system of mobile phone

 

To summaries the above fake antivirus app, we can see that the target of scareware has been changed from desktop PCs to mobile devices. User need to pay special attention when install an app. Do not install apps from other sources. If you suspect the app is a malware, please uninstall it immediately. HKCERT recommends Android users download and install a mobile security tool from official Play Store.

 

For the detail of Mobile Security Tools for Android, please refer to https://www.hkcert.org/mobile-security-tools/ .

 

 

Source of information and images:

http://nakedsecurity.sophos.com/2013/05/31/android-malware-in-pictures-a-blow-by-blow-account-of-mobile-scareware/