When your dad emails you a very important  link, you better open it, right?? Well, sometimes if you do that on your phone, you will be surprised to kick off a download from none other than:

hxxp://official.androidsecurityfixers.ru/securitypatch2.php

and get yourself a file called security.update.apk, also known in some circles as Trojan.Android.NoComA.D. True story! All links still work perfectly as of this writing, 2 months after I got that email. Of course, I’ve not run run it, nor have I tried whether it will work with the “Play-APKs-only” option, but I will take it for a little baksmali session to crack it open and see what we can learn from it.

Why is this extremely important? Because no amount of Play policing will ever close this particular malware distribution channel. What can you do to protect your phone? As usual, only install APKs from trusted stores like Play, Amazon, etc. Turn off “Unknown Sources” in Application Settings. Also, get a malware scanner, the scum is multiplying and it’s getting here fast.