Android VXers earn big bucks on trader site

Powered by SC Magazine
 

Infected droids worth 10 times more than PCs.

Researchers are tracking a pay-per-install scheme being marketed through a Russian web forum where criminals are recruited to load malware on Android devices in return for payment.

The mainly Russian victims primarily downloaded malware through bogus apps that appeared to be legitimate.

After the app was installed, malware forced the infected device to send out SMS messages to premium-rate numbers owned by the attackers who were paid for receiving the texts.

The crooks earnt a significantly higher fee than those who participate in pay-per-install rings targeting Windows PCs, researchers at security firm ESET said.

ESET security intelligence program manager Pierre-Marc Bureau said the fraudsters made between $2 and $5 per installation -- 10 times more than similar Windows malware installations.

“In my experience, it is the first time we've seen such an organised group targeting Android devices, but I wouldn't be surprised if there were others,” Bureau told SC.

ESET researchers spotted the threat in May after discovering a Russian web forum which began operating in late 2011 with the specific purpose of supporting the Android pay-per-install scheme.

“We are still working with different sources to shut down the forum, but right now it's still active, so we prefer to keep the name private,” Bureau said.

“It's really a forum they set up for the only purpose of trading and selling infections for Android devices. These guys are quite sophisticated. For instance, if someone is willing to buy the infections, they are building their own [customer service] tools to relay information.”

A Google spokeswoman declined comment. In many cases, malicious mobile apps foisted by attackers were distributed through third-party marketplaces.

This article originally appeared at scmagazineus.com

Copyright © SC Magazine, US edition


Android VXers earn big bucks on trader site
Credit
 
 
 
Top Stories
Coalition's NBN cost-benefit study finds in favour of MTM
FTTP costs too much, would take too long.
 
Telcos finally briefed on data retention details
Update: AGD offers list of data to be stored.
 
Qld Health hires short-term CIO, CTO
Ray Brown leaves after five years at IT helm.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Which is the most prevalent cyber attack method your organisation faces?




   |   View results
Phishing and social engineering
  67%
 
Advanced persistent threats
  3%
 
Unpatched or unsupported software vulnerabilities
  12%
 
Denial of service attacks
  7%
 
Insider threats
  11%
TOTAL VOTES: 567

Vote