20120229

Android Malware Spreading Via Facebook



While your are scrolling through Facebook pages on Android,it may occur to you that you are using a facebook app running on a Google's Mobile OS and the two hawks of Silicon Valley are working hard all the time to make your experience as secure as it could be. But hold on ! aren't you missing something ? Yup there is also a community of Malware writers whose sole purpose in life is to find new ways of sneaking into your systems and devices.
It seems that almost every day there is a new facebook scam geared toward persuading users to click on a link. Attackers are increasingly using social media to distribute malware by tricking users into visiting malicious sites.And this time target is the Facebook app on Android which according to Security firm, Sophos is found spreading malware in an entirely new way.

Bouncer : Google's scanner for Android Market

Meet Bouncer.Google's new and clever tool to scan every app that enters the android Market . When a developer submits a new app, Bouncer steps in and analyzes it for potential threats. It scans for malware, spyware, and trojans — as well as apps that “misbehave” in other ways. This is done through an Android emulator on Google’s cloud infrastructure. Though new apps are obviously the focus, Bouncer actually scans all apps — new and old.

How this recent Malware works ?

Well you may get a friend request and like everyone you would go to person's info page to get know of him/her and decide whether you should friend him or not .You may also want to visit any link on that page to know 'more' about that person.And here the Game starts ! , you visit the shortened link disguising as an Android app and after redirecting you a couple of times , the app starts downloading automatically .

A screenshot showing how any_name.apk's look like 



The malware package is named something like any_name.apk, and appears to have been designed to earn money for fraudsters through premium rate phone services.Although Android by default never allows apps to be downloaded without informing the user, some users choose to turn off this protection in order to have access to apps distributed outside of the Android Market.

Its not clear how bouncer will react to it ,but surely if you are reading this you should be alert not to become a victim of clickjacking. via[rafayhackingarticles]




No comments:

Post a Comment