Malware. Porn. Apps.

Seems like a match made in heaven and that’s exactly what security-as-a-service firm Zscaler, Inc. has found with two new apps currently doing the rounds on independent Android app sites.

The worst offender of the two discovered masquerades as a porn video player that is said to scare the user with a warning screen that falsely accusing them of watching images of child abuse.

After a user installs the app on an Android device a video player icon appears which once clicked immediately displays a fake US Cyber Emergency Response web page that accused the user of viewing child pornography.

While it sounds like a typical ransomware request the malicious intent of the malware is to actually harvest SMS messages, contacts and email address which are then uploaded to a command and control server run by the bad actors behind the app.

The app itself does not ask for administrative privileges like many similar malicious apps now do and does not attempt to lock the infected device, making it fairly easy to remove, Zscaler said in its advisory.

A second discovery involves a Chinese SMS trojan also disguised as a porn app which fools victim by displaying random adult sites while in the background it steals sensitive private information and sends the data via SMS to predetermined Chinese numbers.

“The continuous SMS activity can lead to a significant financial loss for the victim,” the company notes.

Practice safe internet

It probably doesn’t need repeating but the moral of the story is to always practice safe internet, and that includes only installing apps from trusted sites such as Google Play, which while not always perfect offer an improved level of protection versus that provided by the multitude of independent Android app stores that have appeared over the last few years.

“We are seeing an increasing number of adult themed Android malware apps using pornography to lure victims,” the report notes, before adding “To avoid being a victim of such malware, it is always best to download apps only from trusted app stores, such as Google Play.”

In the event your Android device is currently set to allow installs from other sites, the security settings can be changed to a more secure setting by unchecking the “Unknown Sources” option under the “Security” settings within the Android settings menu.

Image credit: deda_87/Flickr/CC by 2.0