According to Sophos, malware authors are distributing their programs with applications cunningly disguised as the popular photo application
Malware authors are distributing malware disguised as the popular app and there are a few pretty convincing fakes around that might trick the unsuspecting app shopper.
The bad software is more likely to be found on separate websites rather than the vetted Google Play arena. Sophos snapped this Russian version on the Web and it’s surprisingly well done.
As Sophos wisely points out, if you download anything for your Android device that is not from the official Google Play store and you don’t know what you’re doing, then you run the risk of all sorts of nasty happening to your phone or tablet.
Sophos downloaded a fake app so we don’t have to get all dirty trying and says:
In our tests, the app didn’t do a very good job of emulating the genuine Instagram app, but that may be because it failed to find the correct network operator. Because this is a malicious app that seems to be relying in the sending of background SMS messages to earn its creators revenue.
Sophos products found that rather oddly inside the .APK file is a random number of identical photos a man. (Go to the Sophos page and let them know if he’s a friend of yours…) Sophos speculates that this dashing portrait might be included multiple times is to change the fingerprint of the .APK to fool simple anti-virus scanners into not spotting the malicious content.
The spread of malware for Android is an increasing problem and it’s not surprising given the growing ubiquity of the devices and programs. Sophos noted just last week that a fake version of the Angry Birds Space game was being used in an attack.
Malware creators are certainly savvy and know what we will be looking for when it comes to the latest and most fashionable apps. Take care to check where your applications are coming from, do a little research to find out if they are meant to be free or paid for and don’t download random links on other sites that you can’t check before you install.