PC owners are very much familiar of malware that disguises itself as legitimate antivirus software but in fact tricks users into parting with their money. This fake antivirus software is usually bundled with screensavers and affects both the Windows and Mac OS platforms. What it does is it reports a non-existing problem and tricks a person into paying to fix the problem.
This type of malware has long been a problem for PC users in has now arrived in the Android scene. The offending app can be identified by its icon that says Android Defender but Symantec is calling it Android FakeDefender. The security company describes this as “a Trojan horse for Android devices that displays fake security alerts in an attempt to convince the user to purchase an app in order to remove non-existent malware or security risks from the device.”
This malware is available on various third party Android app markets (unofficial sources). Once it gets installed in a device it goes on and proceeds with a scan and reports a wide array of infection and viruses reportedly present in your smartphone. You are then prompted to register the fake antivirus software to remove the threats. Registering of course will cost money.
If you decline this then it will wreck all sorts of havoc on your smartphone depending on what type of Android version you are using. It will continue to give you warnings of supposedly threats to your smartphone. It will also report to you that it has found a cache of porn files on your device. Other legitimate apps are prevented from launching by the malware. The dangerous part is that it will cause your device to crash and can even change system settings.
It’s very difficult to remove Android Defender since it asks for administrator privileges before installation. Once installed it automatically deletes its installation file making it difficult to analyze. So far though the malware seems to be buggy, but its developers are working on perfecting it.
According to Vikram Thakur, Symantec’s principal security response manager, “The thing is really all over the place. Right now, it looks like it’s just pure development and it made it into the wild by mistake or maybe [someone] put it out there to let the world do its quality assurance. What we’ve seen is definitely anything but ready for actual distribution and making money.”