Security - Channel Insider

Empowering the next generation Channel

Home

Security

Malware Masquerading as Kaspersky Antivirus Scanner on Mobile Devices

[ci] deep dives:

Managed Services Distribution Careers Linux and Unix Computer Networking Printers Security SMB Partner Storage Surveys Solution Builder Messaging/Collaboration Dell Reseller Microsoft Partner

Malware Masquerading as Kaspersky Antivirus Scanner on Mobile Devices

in Security

DATE: 2011-04-29 | By Channel Insider Staff

Article Rating:

/ 3
Article Views: 4490

More Security Coverage

<<Previous Security News Next Security News >>

A rogue antivirus masquerading as a Kaspersky Lab antivirus scanner has been spotted on mobile devices.

Rate This Article:

Add This Article To:

Digg this

Del.icio.us

Slashdot

Y! My Web

E-mail

Furl

Google

Simpy

Spurl!

PDF Version

New fake antivirus scareware pop up with amazing regularity, but some researchers encountered an intriguing variant that indicates scammers may begin targeting mobile platforms.

A rogue antivirus masquerading as a Kaspersky Lab antivirus scanner has been spotted on mobile devices, Dinesh Venkatesan, an anti-malware researcher, posted on the CA Security Advisor Research Blog on April 27. The current scam is designed to trick Russian-speaking users into paying for bogus mobile protection.

The “exponential growth” of the smartphone market means these kinds of threats will be “growing proportionately,” Venkatesan wrote.

The fake antivirus appears to be spreading using social engineering tactics, according to Venkatesan. Once launched on the device, it presented a “friendly UI” and asks the user whether it should scan the phone for viruses. After running the scan, it informs the user that two threats have been detected.

When the user tried to remove the infection, they were shown a bogus error code “07931020” and a message explaining that the software encountered an error when trying to remove the malware.

“The sample is supposedly spread by some social engineering tricks where users would have been provided with support numbers/email id to contact to resolve those error codes,” Venkatesan said.

Contacting that support number or address is presumably when the users are tricked into paying for an upgrade to remove the alleged infection. Venkatesan didn’t have that information when analyzing the malware sample and couldn’t complete the analysis to determine how the malware authors were monetizing the scam.

The app is not very sophisticated at the moment, suggesting it was an early stage experiment for the app developer. On a mobile platform, SMS-based micro payments seem to be the most logical way to trick money out of the victims. The rogue scanner has hardcoded the malware names as it always “found” the same “Trojan moby” and “RebBrowser” in two locations that are clearly from the Windows file system. While it is “scanning” the files, it played an audio file in the background of a crashing sound just before displaying the error message.

For more, read the eWEEK article: Fake Kaspersky Antivirus Scanner Detected on Mobile Devices.

comments dic



	>>> More Security Articles >>> More By Channel Insider Staff

Email Article To Friend ♦ Print Version Of Article ♦ PDF Version Of Article

Follow @ChannelInsider
< Prev | Next >

about 6 hours agoAssessing the Impact of HP Layoffs - HP needs channel partners to help put some distance between it all the drama ... http://t.co/2H0Gq8HJ
about 7 hours agoThin Client Opportunity Gets Richer for the Channel - IT organizations are rethinking client strategy in the age of ... http://t.co/JxUbh24m
May 23rd 4:38 PMPutting a Channel Face on the Cloud - Amazon, Google and others may leverage the channel to compete more aggressivel... http://t.co/RUeo9iT5
May 22nd 10:41 PMExpanding the Reach and Scope of Desktop Virtualization - VMware moves to acquire Wanova - VMware has set out to ... http://t.co/Ad020fhT
May 22nd 8:58 PMConsidering the IBM Watson Possibilities - IBM looks to the channel to help find new use cases for cognitive computi... http://t.co/CAljVbac
May 22nd 8:54 AMVariations on a Cloud Storage Theme in the Channel - EMC expands focus on the cloud via a channel that is wrestling ... http://t.co/MORSpkkb
May 21st 10:43 AMRightsizing the Cloud Service Provider - Cloudbursting will alter the way the channel thinks about cloud computing i... http://t.co/eZ33qdKE
May 17th 6:39 PMThe Future of IT Services - Automated managed services are transforming the way IT services are delivered - Histo... http://t.co/w4zvAS8u
May 17th 12:39 PMRising to the Cloud Application Management Challenge - BetterCloud previews management tool for Google Apps environm... http://t.co/KzhO7FlP
May 16th 11:00 AMPlaying the IT Services Name Game - HP expands ability of partners to deliver branded services as part of effort to ... http://t.co/XU3QOnKz

[ci] feeds

Add Channel News, Product Reviews, Trends and Analysis to your RSS newsreader or My Yahoo!

CHANNEL SPONSORED RESOURCE CENTER

Start the New Year with business intelligence—it’s a smart move
Join us on February 1 for an encore rebroadcast at either 5 am or 12 noon EST and discover how business intelligence (BI) supports companies in uncertain business and economic climates. Get expert advice on how to create a strategy that fits your organization's needs and budget and see how quickly it can pay for itself.
Click Here

Security and Availability Essentials for Running Your Business in the Cloud
Are you moving to the cloud? Find out what every IT professional should know about security and availability before moving to the cloud. Hear what a security provider’s own CSO has to say.
Watch Video

New Tool Analyzes Data Without Bias

A new algorithm automatically identifies relationships between variables to help reduce researcher prejudice.
Click Here

Channel Insider:

Security:
Network Security
Enterprise Networking
Infrastructure Security
How To: Data
IT Security News
Security Watch Blog
Secure Channel Blog

Storage:
Data Storage
Cloud Storage
Storage Virtualization
Network Access Storage
Storage Reviews
Data Storage News
How To: Storage
Storage Station Blog

Computing:
Apple OSX
Linux Systems
Windows Vista
Managed Print Services
Cloud Computing
Computer Reviews
Microsoft Watch Blog
Apple Watch Blog
Google Watch Blog

Communications:
VoIP Solutions
Wireless Technology
Messaging Software
Web Services
Mobile Applications
Wireless News
Mobile Reviews

Apps & Development:
Application Development
SAAS
Search Engines
Database Software
Web 2.0
IT Project Management
Emerging Tech Blog
CIO Insight Blogs
CIOs

Vertical Markets:
Federal Government IT
Health Care IT
Finance IT
Mid-Market
Channel and VARs
Careers Blog
Value Added Resellers

More eWeek Links:
Green Computing Center
Tech Knowledge Center
Tech Newsletters
Tech RSS Feeds
White Papers
Tech Podcasts
Tech Videos
Complementary Magazine Subscriptions

Enterprise Websites:
ZDE Home
eWeek
Baseline Magazine
Channel Insider
CIO Insight
eSeminars and Events
Publish Online
Web Buyers Guide

Developer Websites:
Microsoft DevSource
Dev Shed
DeveloperShed
ASP Free
SEO Chat
Codewalkers
Tutorialized
Scripts.com
Dev Mechanic
Dev Articles
Web Hosters
Dev Hardware

Technology Websites:
Device Forge
Desktop Linux
Linux Devices
Windows for Devices
PDF Zone
Linux Watch
TechDirect
Smarter Technology

Use of this site is governed by our Terms of Use and Privacy Policy
Copyright ©1996-2012 Ziff Davis Enterprise Holdings Inc. All Rights Reserved. eWEEK and Spencer F. Katt are trademarks of Ziff Davis Enterprise Holdings, Inc. Reproduction in whole or in part in any form or medium without express written permission of Ziff Davis Enterprise Inc. is prohibited.
eWeek is your best source for the latest Technology News.
ZDE Cluster 5

Malware Masquerading as Kaspersky Antivirus Scanner on Mobile Devices

More Security Coverage

A rogue antivirus masquerading as a Kaspersky Lab antivirus scanner has been spotted on mobile devices.

Related Content

Follow @ChannelInsider < Prev | Next >

Follow @ChannelInsider
< Prev | Next >