It was reported yesterday that Google is currently developing a new malware scanner for its Google Play store. Turns out this was excellent timing, for the FBI, via its Crime Complaint Center (IC3) has just issued the latest warning about the rising number of malicious programs affecting Android devices.
According to the warning, the latest bugbears targeting Android phones go by the seemingly harmless names of Loozfon and FinFisher.
“IC3 has been made aware of various malware attacking Android operating systems for mobile devices. Some of the latest known versions of this type of malware are Loozfon and FinFisher,” the report said.
Apparently, the two malwares are quite different in how they act. Loozfon targets users by ‘phishing’ – sending out emails with the promise of “a profitable payday for just sending out email”, encouraging users to click a link embedded in the message. Once clicked, the malware downloads itself onto the phone and begins stealing information.
FinFisher is a different kettle of fish all right. The spyware also uses phishing scams to infect phones, but works differently as it’s able to take over different components of smartphones and use them for malicious purposes.
Loozfon may be a threat to users in the US, but it’s believed to be a far more potent one in Japan, says The Next Web. On the other hand, FinFisher is more international in nature, and has the ability to target devices running iOS, Windows Mobile, Blackberry and even Symbian operating systems.
There have been dozens of warnings recently that Android malware is on the rise, with various security companies claiming that it has risen by anything from 216% to 700% over the last three months.
Google appears to be aware of the problem, introducing a number of new security features on its most recent Android OS – Jelly Bean – which it hopes will boost the platform’s defenses. More recently though, it’s believed that Google is now planning to introduced some kind of malware scanner to its Play Store that should bolster security further.
Nothing official has been announced, but a look within the Play Store code reveals something called “App Check”, which experts believe is some kind of device-side scanner that will not only be able to scan pre-installed apps for malicious code, but also block the installation of any new dodgy apps.
There’s no indication when the Google Play malware scanner might be available, but in the meantime IC3 has provided a number of tips for Android users to better protect their smartphones, including OS encryption, malware protection, password protection, and ensuring that apps are downloaded from a trustworthy source.
“Use the same precautions on your mobile phone as you would on your computer when using the Internet,” IC3 advises.