scamware
Latest
Sneaky ad-spewing apps land on millions of Android devices
As a rule, rogue Android apps don't last long on Google Play -- either Google catches them quickly, or enough people complain that something gets done. That doesn't appear to have happened with a recent batch of apps, though. Antivirus developer Avast has noticed that multiple titles, including some with millions of downloads, have been harboring a sneaky form of adware that tries to fool you into either paying for content or violating your privacy. The apps will often work normally for days, but eventually pester you with ads warning about non-existent updates and viruses every time you unlock your phone. If you're tempted enough to tap one of the ads, you're steered to far more dangerous content that may send premium text messages (without asking, naturally), harvest personal info or otherwise compromise your device.
McAfee shows how major Android scamware ticks, prevents us from learning first-hand
Most Android malware lives in the margins, away from Google Play and the more reliable app shops. It's nonetheless a good idea to be on the lookout for rogue code, and McAfee has stepped in with thorough explanations of how one of the most common scamware strains, Android.FakeInstaller, works its sinister ways. The bait is typically a search-optimized fake app market or website; the apps themselves not only present a legitimate-looking front but include dynamic code to stymie any reverse engineering. Woe be to anyone who's tricked long enough to finish the installation, as the malware often sends text messages to expensive premium phone numbers or links target devices to botnets. The safeguard? McAfee would like you to sign up for its antivirus suite, but you can also keep a good head on your shoulders -- stick to trustworthy shops and look for dodgy behavior before anything reaches your device.
