Android Hit with New Fraudulent Apps

Jay Decenella, IT audit expert
January 11, 2012 /

Experts from security firm and Norton-dealer, Symantec, has found a new fraudulent application that hit the Android marketplace called Android.Steek, which capitalizes on popular game titles and purporting as these games.

Symantec said the malicious applications are published under the name “Stevens Creek Software”, whose infection length has reached nearly 3,500,000 bytes.

The security firm found that installation of the apps allows for only one permission request for full Internet access.

” In the past, we have seen fraudulent apps looking for numerous unnecessary permissions during installation that may alert the user of the risks involved in installing the app. With just one permission request required by this fraudware during installation, it may seem less of a risk to potential victims,” Symantec said.

The app opens and brings users to a pop-up window related to the installed fake app which directs them to finish the installation process by clicking on a button that actually redirects users to a website advertising an online income solution.

Peter Coogan from Symantec wrote in a blog post: “Symantec has added detection for these fraudulent apps as Android.Steek. Google has also been notified in relation to their presence on the Android marketplace. A tip to try to help in avoiding fraudulent apps is to check if the publisher of the paid and free versions is the same.”

 

Share your opinion