Android malware is following in the footsteps of Windows malware with attackers adopting some of the same distribution and monetization techniques despite the major differences between the platforms.
The latest development is a mass email spam campaign being used to distribute Android scareware—applications that use scare tactics to trick users into paying for worthless services. Researchers from security vendor FireEye identified one such campaign that was launched on Sept. 6 and is still ongoing.
The rogue emails use themes like failed package delivery notifications from USPS or electronic wedding invitations that have long been used in phishing emails to spread Windows malware.
The emails contain links that lead to websites serving an Android package (APK) file called LabelReader.apk. This APK installs a known Android scareware application called FakeDefender that masquerades as a commercial Android security product.
To read this article in full or to leave a comment, please click here
ConversionConversion EmoticonEmoticon