Got a little Android malware present in an email from my dad


When your dad emails you a very important link, you better open it, right?? Well, sometimes if you do that on your phone, you will be surprised to kick off a download from none other than:

hxxp://official.androidsecurityfixers.ru/securitypatch2.php

and get yourself a file called security.update.apk, also known in some circles as Trojan.Android.NoComA.D. True story! All links still work perfectly as of this writing, 2 months after I got that email. Of course, I’ve not run it, nor have I tried whether it will work with the “Play-APKs-only” option, but I will take it for a little baksmali session to crack it open and see what we can learn from it.

Why is this extremely important? Because no amount of Play policing will ever close this particular malware distribution channel. What can you do to protect your phone? As usual, only install APKs from trusted stores like Play, Amazon, etc. Turn off “Unknown Sources” in Application Settings. Also, get a malware scanner: the scum is multiplying and it’s getting here fast.
