Fake anti-virus for Android spreads via ads in other applications
April 17, 2013
Ads displayed by Android applications have long been exploited by criminals to spread malware. Being an effective and relatively inexpensive means to reach a wide audience, advertisements are often used in schemes. Ads found by Doctor Web's analysts this time offer Android users virus scans. If users accept the offer, they are redirected to a website from which they can download an "anti-virus" which, in fact, is the malicious program Android.Fakealert.4.origin.
Analysts have been aware of Trojans of the family Android.Fakealert since October 2012. These programs pose as fully functional anti-viruses and pretend to detect threats. To get rid of malware that has supposedly been found, the user must pay a certain amount. Users of PCs know this scheme well.
Once Android.Fakealert.4.origin is installed and launched, it notifies the user that a threat has been detected, but, as to be expected, the user has to buy a full version of the program to neutralize it.
In addition to displaying infection alerts in its main menu, Android.Fakealert.4.origin can also display corresponding messages in the notification panel.
Doctor Web urges Android users to be more sceptical about various ads displayed by applications and to use reliable anti-virus software, when necessary.
Tell us what you think
You will be awarded one Dr.Webling per comment. To ask Doctor Web’s site administration about a news item, enter @admin at the beginning of your comment. If your question is for the author of one of the comments, put @ before their names.