
Socially engineered threats target trusting consumers with malicious Android apps, celebrity sex videos and scareware scams

– AVG’s Q2 Threat Report warns of new sophisticated attacks aimed at unsuspecting PC and Android smartphone users –

MELBOURNE and AMSTERDAM 26 July, 2012 – AVG (AU/NZ) has released the AVG Technologies’ Q2 2012 Community Powered Threat Report. Cybercriminals have been using social engineering techniques to create malware that successfully exploits commonplace user activity such as downloading mobile phone applications and accessing online content through popular sites such as YouTube.

First Android bootkit turns your smartphone into a ‘zombie’

The Android operating system for smartphones is now leading with 59 percent market share, according to the latest figures from IDC[1]. Taking advantage of this lucrative opportunity, cybercriminals have created the first Android bootkit which turns phones with the Android operating system into ‘zombies’, meaning they come fully under the control of the cybercriminal. Cashing in on the application craze, this ‘DKFbootkit’ malware tricks users by masquerading as a legitimate application available for Android smartphones and poses a serious threat to the many Android smartphone users worldwide.

Once users download the application, the malware encourages them to click ‘OK’ to run it, which then roots the device. Since the smartphones are either connected to a mobile operator for payment or pre-paid, the malware author can siphon off small amounts of money on an on-going basis using premium SMS, usually without the user noticing as the amounts per individual user are kept small.

Malicious Trojan hides in unofficial ‘Angry Birds Space’ application

Malware creators have developed a Trojan-infected version of this highly popular application, developed by Angry Birds creator Rovio in conjunction with NASA. Available on unofficial Android stores, it looks and functions exactly like the legitimate application, but the difference is that it uses what is known as the ‘GingerBreak exploit’ to root Android devices. Rooting a device allows the malware to download and install additional malware onto the victim’s smartphone, turn it into part of a botnet, modify files and launch URLs, so that the phone is no longer under the user’s control.

Celebrity sex and scare-mongering scams lure PC users

Tempted to view a video of socialites and celebrities undressed? Think twice before you click on the play button as another major threat that emerged in recent months is a new version of last year’s LizaMoon SQL mass-injection attack hidden inside celebrity sex videos and false security alerts. When users click on a link to view the non-existent video or visit the fake security website, this malware downloads a Trojan. The style of the attack depends on the internet browser being used:

  • Mozilla Firefox®: users are taken to a fake Flash update page which purports to show a vulgar video of socialite Paris Hilton or actress Emma Watson. In fact, they will never get to see the video as when they click on it, they are prompted to update their Flash software which then downloads the disguised Trojan.
  • Microsoft Internet Explorer®: in this attack, cybercriminals play on people’s peace of mind by mimicking a legitimate antivirus product which claims to have detected all sorts of malware on their PC and can help remove it. If users follow the link and install the application, then go on to purchase the product, it will simply download a completely ineffective rogue to their PC. If the victim changes their mind and chooses not to purchase the product, ‘nag’ screens will keep popping up until the rogue is cleaned from the machine. The latest version is known as a ‘drive-by’ download as the malware will execute from the web page, without requiring the user to download anything at all.

Michael McKinnon, Security Advisor at AVG (AU/NZ), said: “These threats are a bit like the Emperor’s new clothes – they are the same style of attacks as we have seen before but socially engineered by cybercriminals to trap victims who are becoming more security savvy. The greater sophistication of these threats also means they are difficult for everyday users to spot something is wrong once the malware has been installed, making them very potent. It’s vital that consumers think before they click ‘OK’ to anything online or on their phone.”

Top five tips to keep your Android smartphone and computer safe:

  1. Prior to installing any application, carry out a background check on the developer and application, looking at ratings, reviews, history. Only download from application stores, sites and developers you trust – or set your device to download only from Google Play.
  2. Think before you click ‘OK’ to any requests your phone or PC make for your permission. Check if it seems bona fide or whether it appears odd that the application should be asking for this permission or to execute a download.
  3. Keep your computer programs, such as Adobe Acrobat and Adobe Reader, up-to-date so you are not tempted to follow prompts to upgrade when trying to access content from the web.
  4. Install antivirus security software on your computer and your smartphone and keep it updated. This will work as your eyes and ears to keep your personal information safe and ensure your peace of mind at home and on the move.
  5. Monitor your mobile phone bills very carefully – if you notice any small amounts you cannot account for, investigate further and if you suspect your smartphone has been exploited, run a genuine security product to find and remove any malware.

For more information on these and other threats analysed by AVG in the AVG Q2 Community Threat Report, please go to: http://mediacenter.avg.com/en/press-tools/avg-threat-reports/avg-community-powered-threat-report-q2-2012.html