New Android Malware Uses Facebook To Spread

New Android Malware Uses Facebook To Spread

“Even though Google recently introduced a malware-blocking system called Bouncer to keep the Android Market safe from malicious software, crafty spammers and fraudsters are still managing to find ways around the restrictions to get their software onto users’ phones. The latest example? A malware program disguised, innocuously, as an Android app called “any_name.apk.” And it appears the malware is using Facebook’s app on Android phones in order to spread.

The software was discovered by security firm Sophos, which came across the malware after receiving a Facebook friend request. When checking out the user’s profile, the researcher, Vanja Svajcer, found a link posted to the requester’s Facebook profile page that, when clicked, directed the browser to a webpage which started an automatic download of an unknown software application to the device.

The software installed and downloaded immediately, without any request for authorization or input from the end user. However, although Svajcer doesn’t mention this in his analysis, for software to automatically install from outside the Google Android Market, the phone’s default settings must have been changed. Typically, Android phones are shipped with a setting switched on that prevents mobile apps from installing from sources besides the official Android Market. Many savvy Android users switch this setting off, though, because they enjoy the freedom that Android provides in discovering apps from alternative app stores and download locations – like the treasure trove that is the XDA Developers forum, for example.

Unfortunately, malware like this is the nasty side effect. And there’s nothing Bouncer can do about it. The link the researcher clicked did not appear to be an APK file by nature of its URL, just a typical website. And it was placed into the user’s About Me section on Facebook, as if it was a link to that person’s homepage.”

Read the full article: Click here