Android malware writers exploit Instagram craze to distribute SMS Trojan horse
Fake Instagram websites distribute Android Trojan horse that sends SMS messages to premium-rate numbers
IDG News Service - In an attempt to take advantage of the popularity of free photo-sharing app Instagram among smartphone users, malware writers have created fake Instagram websites to distribute Android Trojan horses, according to security researchers from antivirus firms Sophos and Trend Micro.
Originally developed for Apple's iOS devices, Instagram allows smartphone users to take photos, apply various digital filters to them and share the resulting images on social networking websites. There are over 30 million registered Instagram accounts as of April 2012, according to its creators.
At the beginning of April, an Android version of the app was released on Google Play and it was downloaded more than one million times during the first 12 hours.
The company that developed Instagram was acquired by Facebook for almost $1 billion on April 12, which attracted the attention of the media and, as it usually happens with popular events, that of cybercriminals.
"We discovered a spoofed web page containing a rogue version of Instagram," Trend Micro fraud analyst Karla Agregado said in a blog post on Tuesday. "The said web page mimics Instagram's legitimate download page."
The fake Instagram website contains text in Russian and distributes an Android Trojan horse that, once installed, sends SMS messages to premium-rate numbers without the phone owner's authorization, said Graham Cluley, senior technology consultant at Sophos, in a blog post on Wednesday.
The rogue app's installer, also called the APK, contains several pictures of a man that has been the subject of a photobomb-type meme in Russia. A large number of random images with this man's picture digitally added into them can be found on Russian websites.
It's not clear why the creators of this Android malware decided to include this photo into the malicious APK, but it isn't the first time this has been done. In February, security researchers from Symantec reported about server-side polymorphic Android malware that contained the same picture.
"It's quite likely that whoever is behind this latest malware campaign is also using the names and images of other popular smartphone apps as bait," Cluley said.
Last week, security researchers from Sophos reported about a similar piece of Android malware that masqueraded as the new Angry Birds Space game in order to trick users into installing it on their phones.
Trend Micro researchers have seen several fake websites during the past few days that masquerade as download pages for popular games like Fruit Ninja, Temple Run or Talking Tom Cat, Agregado said. "Users are advised to remain cautious before downloading Android apps, specially those hosted on third-party app stores."
- Radicati: Cloud Business Email - Market Quadrant 2013 Google was named the top cloud business email provider in a recent report by research firm Radicati. Out of 14 key players, Google...
- Tablets in the Enterprise: A Checklist for Successful Deployment How can you enterprise manage and secure tablets in order to protect corporate data while providing access to the information and applications employees...
- Enterprise Mobility: A Checklist for Secure Containerization The advantages and disadvantages of the multiple approaches to containerization. Learn More>>
- Enterprise File Sync & Share Checklist File sync and share has changed the way people work and collaborate in today's tech-savvy world. Gone are the email roadblocks, clunky FTP...
- Live Webcast LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Security White Papers | Webcasts