Malware Spreading on Android Phones through Fake Anti-Virus Apps

Scammers are taking advantage of fear of attacks like WannaCry

Malware Spreading on Android Phones through Fake Anti-Virus Apps
Image: Pixabay
June 14, 2017

Remember WannaCry?

You know, the ransomware attack back in May that took down more than 200,000 computers around the world through their outdated Microsoft software?

Scammers are taking advantage of the fear that WannaCry created, and they're doing it in an unexpected way.

How?

They're targeting phones rather than computers.

Consumerist and CNET are reporting that cybercriminals are creating fake anti-virus apps—you know, like the software that runs on your computer—for Android mobile devices and cramming them full of malware.

According to CNET, cybersecurity company RiskIQ discovered seven WannaCry-related apps in the Google Play store where Android users buy apps and two in Apple's App Store. These apps require unnecessary permissions from the user, such as password to wake the device.

And apps not related to WannaCry?

The researchers found hundreds of them—all apps that CNET reports were "fakes packed with adware, Trojans and sources of malware."

Out of 4,292 active anti-virus apps that the company reviewed, 525 raised red flags for malware—more than one in 10.

And out of those 525, 508 were in the Google Play store, while the rest were sold by third-party app stores.

"Google Play is one of the most reputable app stores in the world, so the fact that so many reside there shows the dangers facing mobile app consumers," said RiskIQ Security Analyst Forrest Gueterman.

Consumerist notes that the "more accessible and open" nature of Google Play (as opposed to Apple's proprietary App Store) is an important factor in these new mobile attacks: it is "good for small developers who want to be able to break out and reach an audience," the consumer news outlet reports, "But it means that there's just more everything available for users to choose from — and that includes more spam and scam apps, too."

Another problem is that most people don't know that WannaCry didn't affect mobile devices, only Windows computers whose software systems were not up to date.

What to do?

All is not lost! RiskIQ provided Consumerist with several tips for consumers interested in installing legitimate antivirus software on their mobile devices. These tips are as follows:

  1. Buy the app only at the official store, not from a third-party website
  2. Review the app description for grammatical errors or inconsistencies, which are often indicators of a scam
  3. Do your homework on the publisher. Make sure the email address is a professional "@businessname.com" address, not a Yahoo or Gmail one. Check out the developer's other apps, and also search their name