New Android virus spreads through phishing emails

As Android viruses and other types of mobile security attacks become more common, researchers have discovered some new methods hackers are using to spread their malware. 

Most examples of Android viruses and other mobile malware have appeared in the form of malicious apps that hackers have tricked users into installing.

However, as the number of smartphones grows, attackers are casting a wider net, much as they do when trying to spread viruses attacking PCs.

In fact, one recently discovered scam combined an Android virus attack with a type of attack that would typically target desktop computers.

To carry out the scam, cyber criminals hacked into the email account of a high-profile Tibetan activist, according to security researchers at Kaspersky Lab. A spear phishing email was then sent to all of the addresses in the account’s contact list.

The email contained a malicious attachment disguised as a letter from a group of human rights activists. So far, it’s pretty standard stuff as far as security attacks go.

The twist in this case: The attachment was a malicious .apk file, the file type used for Android apps. When the attachment was opened on a smartphone, an Android virus was installed on the recipient’s device.

After the .apk is installed, a phony letter does appear on the user’s screen. But in the background, an Android virus harvests information from the device, including:

  • Contacts
  • Call logs
  • Text messages
  • Location tracking information, and
  • Phone data.

New Android virus attacks are appearing

Earlier this year, security researchers found another new way hackers were trying to spread an Android virus: setting up a phony app store and offering downloads of malicious software.

Again, a phishing email was used in this attack, in this case to get victims to visit the phony store, which was designed to look like Google’s Play store.

The bottom line: Hackers are constantly looking for new ways to spread their attacks, and that includes attacks against mobile devices. If users in your company receive corporate-issued devices, or use their own smartphones and tablets as part of a BYOD program, the IT department can help protect data by offering regular training on how to avoid the latest mobile security attacks.

  • What this article doesn’t mention is that by default the Android OS will not let you install an .apk from unknown sources. In order for this to happen, the user would have to go into settings/security and check the option to “allow installation of non-market apps”. I’d bet that the majority of users who have selected this option know what it does (allows apps to be “sideloaded”). Meaning they’re probably tech savvy enough to understand that they were being prompted to install an app and accept the security permissions. Besides, why would anyone need to install an app to read more info on an event they were emailed about? Why wouldn’t the sender just include those details in the email? I figure if anyone is stupid enough to open attachments in suspicious emails from senders unknown, and accept to install software onto their device, whether it be a phone, tablet, or computer, then they deserve every bit of what happens next.