Fake Instagram app infecting Android devices warns Sophos

Friday, 20 April, 2012

Cybercriminals are creating fake versions of popular smartphone apps, such as Angry Birds and the popular photo-sharing app Instagram, as a way to distribute their malware and earn money from unsuspecting users, warns IT security and data protection company Sophos.

If Android owners download apps from unapproved sources, rather than official sites, such as the official Google Play Android marketplace, they run the risk of infecting their smartphone, says Sophos. Once installed, these fake apps send background SMS messages to premium rate services, earning their creators revenue.

Sophos products detected the Instagram malware, Andr/Boxer-F, which has been distributed on a Russian website claiming to be an official Instagram site. Curiously, the malware contains a random number of identical photos of a man, identified as coming from a Moscow wedding photograph.

The man’s photo became widespread on Russian internet forums, making the man something of a celebrity. There’s no reason to believe, however, that he has anything to do with the Android malware attack, says Sophos.

“Android malware is becoming a bigger and bigger problem,” said Graham Cluley, senior technology consultant at Sophos.

“Just last week, we saw a bogus edition of the Angry Birds Space game and it’s quite likely that whoever is behind this latest malware is also using the names and images of other popular smartphone apps as bait. Infected Androids are now effectively part of a botnet, under the control of malicious hackers. Android users need to be extremely careful when downloading applications from sites, especially when they’re not official Android markets.”

Related News

Tenable launches autonomous patch management tool

The new Tenable Patch Management add-on allows teams to prioritise and even automate the...

Veeam launches updated Veeam Data Platform

The newest release of the Veeam Data Platform introduces capabilities such as a recon scanner for...

CrowdStrike to buy Adaptive Shield

CrowdStrike is augmenting its SaaS security capabilities through the acquisition of Israeli-based...


  • All content Copyright © 2024 Westwick-Farrow Pty Ltd