Internet security company, ESET East Africa, has issued an alert to mobile phone users running on the Android platform to be wary of alternative app stores’ potential to spread malware such as screen locking malware.
According to Teddy Njoroge, Kenya Country Manager for ESET, ransomware is a fast growing problem for users of mobile devices.
“Just like SMS trojans, ransomware threats have evolved over the past few years with hackers adopting techniques that have proven effective in regular desktop malware to develop lock-screen types and file-encrypting ransomware. These have been causing major financial and data losses for years and which have now made their way to the Android platform“, he said.
The alert comes after cyber-crime researchers discovered that a Turkish alternative Android app store was spreading malware under the guise of all the offered Android apps on the site.
When users browsed the Turkish alternative app store and proceeded to downloading an app, the “Download now” button led to banking malware detected as Android/Spy.Banker.IE instead of the desired app.
“This is the first time I’ve seen an entire Android market infected like that. Within the Windows ecosystem and in browsers, this technique is known to have been used for some time but in the Android ecosystem, it’s really a new attack vector“, he said.
- Internet security firm steps up war on cybercrime
- Govt puts banks on high alert over cyber attacks
- Firms can use the cloud to block cyber criminals
Although the misdirection on the site was from a legitimate Malware warning issued to Android usersapp to the malicious banking malware, the crooks behind the campaign added an exception, a tactic commonly used to increase the chances of staying longer under the radar, according to researchers at ESET.
The hackers introduced a seven-day window of not serving malware after a malicious download, thus falsely serving the user with clean download links, only to be redirected to the malware once they try to download any application from the store after the period lapses.
Although focused in Turkey and parts of Europe, the incident points to the growing appetite for mobile malware by hackers using masking tactics to hoodwink users and which could soon become the biggest cyber security problem yet.
To protect yourself, Njoroge advises that you should always download apps from official app stores and also practice caution when downloading any content from the internet. Always pay attention to anything suspicious in file name, size and extension.
Lastly is to use a reliable mobile security solution to protect you from the latest threats.
Leave a comment