Two New Forms of Malware Threatening Android Users: IC3

skull_and_cross_bonesTwo new forms of malware are on the loose and they are targeting the Android mobile operating system, according to a warning issued by the FBI’s Internet Crime Complaint Center.

Loozfon, which steals information from users, and FinFisher, which can give hackers control over a user’s device are the latest threats, the IC3 says.

“Criminals use different variants to lure the victims. One version is a work-at-home opportunity that promises a profitable payday just for sending out e-mail,” the warning reads. “A link within these advertisements leads to a website that is designed to push Loozfon on the user’s device. The malicious application steals contact details from the user’s address book and the infected device’s phone number.”

FinFisher can effortlessly spread to a Smartphone when the user visits a specific URL or opens a text message camouflaged as a system update.

IC3 Safety tips to protect your mobile device:

• When buying a Smartphone, learn the features of the device, including the default settings. Turn off features that are not needed to lessen the risk of attack.

• Some phone operating systems have encryption available. Use it to protect personal data in the case of loss or theft.

• Read reviews of app developers before buying an application.

• Review and understand the permissions you are giving when you download apps.

• Passcode protect your cellphone and enable screen lock to kick in after a few minutes of inactivity.

• Purchase malware protection for your device. Use applications that specialize in antivirus or file integrity to help guard your device from rogue applications and malware.

• Beware applications that enable Geo-location because the app will track your location anywhere. Criminals such as a stalker or burglar can use this app.

• Anytime you, an application or service runs in “unrestricted” or “system” level within an operating system, any compromise can take full control of your phone.

• Do not connect to unknown wireless networks — these can be rogue access points that steal information passed between your device and a legitimate server.

• If you sell or trade your device, be sure to wipe the device clean by resetting it to factory default. This avoids leaving personal data on the device.

• Keep current with updates to run applications and firmware. If you neglect this, it increases the risk of having your device hacked or compromised.

• Do not click on or download software or links from unknown sources.

• Use the same precautions on your mobile phone as you would on your computer when using the Internet.

If you have been the victim of an Internet scam or have received an e-mail believed to be an attempted scam, file a complaint with IC3.


About the author


Jennifer Cowan

Jennifer Cowan is the Managing Editor for SiteProNews.

1 Comment

Click here to post a comment