As you may already know, Android users are at a much bigger danger of getting saddled with a malicious app than users using other mobile platforms – especially those that download apps from third-party Android markets.
F-Secure researchers have recently spotted ads for such a market beings served on an Android-related site, and having followed it, they discovered that it hosts a number of malicious sites that push bogus/malicious apps. One of those poses as a “Phone Optimizer” app that supposedly reveals hidden functions.
“The idea is that the manufacturers would then earn money through an OS update that unlocks the hidden features,” explain the researchers. “This site claims to check your phone for such hidden features and unlock them.”
Once the device is “analyzed”, the user is offered an update module that supposedly does exactly that:
Unfortunately, the offered download link does not lead to the promised update module, but to an app that sends text messages to a premium-rate number based in the country in which the user is located.
It’s interesting to note that if the user visits the site through the link in the “Phone Optimizer” app, he will be served with a .apk file – other visitor will be presented with a .jar version of the same file.