
Mobile Threat Monday: Fake QQ Messaging App

In this week's Mobile Threat Monday post, Malwarebytes identifies a fake app on third-party Chinese app stores designed to look like the popular QQ messaging app. Malwarebytes calls it Trojan.SmsSpy.qq and said its only functionality is to capture QQ login credentials from unsuspecting users.

December 29, 2014
Image via Flickr user Tiago A. Pereira

Malwarebytes tipped us off to a new fake app masquerading as a popular messaging app for our last Mobile Threat Monday of 2014. It's clear that fake apps continue to be the easiest way for cyber-criminals to harvest login credentials.

This week, Malwarebytes identified a fake app on third-party Chinese app stores designed to look like the popular QQ messaging app. Malwarebytes calls it Trojan.SmsSpy.qq and said its only functionality is to capture QQ login credentials from unsuspecting users. Last week, Zscaler researchers described an app pretending to be a pirated version of the popular game Assassin's Creed targeting Russian users.

Harvesting Credentials
According to Malwarebytes, the infected app's login screen mirrors the screen visible within the legitimate version of the app. The fake app has no other function than to capture the user ID and password when entered and to forward the information via SMS message to a prepaid mobile number, the company's researchers said.

There are fake apps which seem to operate normally while harvesting data in the background. This particular fake QQ is not one of them. As soon as the user tries to log in to QQ and is unable to access the messaging service, the user would know something is up because the app doesn't do anything else. Unfortunately, by then it is too late, as the attackers have already collected the credentials.

Staying Safe
Once the attacker builds the fake app, he or she generally spreads the app by using phishing links and file sharing services such as Dropbox and Google Drive. Think about every link before you click on it, even if it's from someone you know and trust.

Scrutinize the permissions list for each app you download. Many fake apps just ask for permission to access the Internet or to send SMS messages. It's easy to say that users shouldn't install apps which request too many permissions, but an app with very few permissions can still cause damage.

As said in past columns, stick to the Google Play store and avoid third-party Android app stores. Google Play is not perfect—Malwarebytes found infected apps on the official marketplace a few weeks ago—but Google does filter out plenty of bad apps before they get to your device. Install antivirus on your Android. Editors' Choice winners avast! Mobile Security & Antivirus and Bitdefender Mobile Security and Antivirus 2.8 are good places to start.

About Fahmida Y. Rashid

Fahmida Y. Rashid is a senior analyst for business at PCMag.com. She focuses on ways businesses can use technology to work efficiently and easily. She is paranoid about security and privacy, and considers security implications when evaluating business technology. She has written for eWEEK, Dark Reading, and SecurityWeek covering security, core Internet infrastructure, and open source. Follow me on Twitter: zdfyrashid
