SCCyberworld

Thursday, May 15, 2014

Attack of the Clones: Fake AV Invading Mobile App Stores

Petaling Jaya, 15 May 2014. Fake antivirus programs are increasingly appearing in mobile app stores. Kaspersky Lab recently found two such programs imitating the company’s products in two different official app stores for mobile devices.

The first fake app was discovered in Windows Phone Store. This in itself was unusual because scammers tend to target users of Android – via Google Play – due to the platform’s popularity. The app in question went by the name of Kaspersky Mobile. The fact there is no such program in Kaspersky Lab’s product line suggests the fraudsters didn’t expect anyone to notice the discrepancy. Another interesting feature of this particular app was the fact users had to pay for it. This meant its creators immediately started making money without having to devise additional scams such as demanding payments to remove “malware” that had supposedly been detected on users’ computers.

The second fake app imitating the Kaspersky Lab brand was for sale on Google Play and was called Kaspersky Anti-Virus 2014. Again, there is no Kaspersky Lab product for mobile devices by that name. The screenshot used on the page of the fake app was simply copied from the official Kaspersky Internet Security for Android page. Unlike the app for sale in Windows Phone Store, the creators of this fake app didn’t even bother to add a simulation of a scanner – the functionality was limited to random series of statements appearing on top of an “official” logo.

“The story of paid fake AV for mobiles started with the appearance of Virus Shield in the Google Play store. Now we are seeing how one successful scam spawns numerous clones. Scammers who want to make a quick buck from inattentive users are selling dozens of fake apps, copying the design, but not the functionality of the original,” commented Roman Unuchek, Senior Malware Analyst at Kaspersky Lab. “It is quite possible that more and more of these fake apps will start appearing. One thing is for sure, the security mechanisms put in place by the official stores cannot cope with these kinds of scams.”

More about fake mobile antivirus programs and other fake apps can be found at Kaspersky Lab’s official analytical site.

No comments: