Security researchers are warning Android users that there is a new malware attack spreading specifically aimed at Android devices. The Android malware was discovered by the security arm of Dell called Secureworks. According to the security researchers, the malware is currently circulating heavily around the Internet.
The malware is designed to steal sensitive data from the user’s smartphone and enable the attacker to place premium phone calls. The image above is a shot of what the IRS e-mail used by the malware looks like. When the user clicks through to the website in the e-mail, a fake Adobe Flash updater pops up.
If the user clicks on that fake updater, malicious software is installed allowing access to the device. The malware installed is also able to intercept text messages allowing the nefarious hacker to bypass two-factor authentication programs. The security researchers say that there is a reasonable chance the typical Android user will encounter this threat due to the huge volume of spam distributed by the bot net that is behind the attack.
To protect yourself, the security researchers say that users of Android devices shouldn’t allow the installation of applications that are not distributed through the Google Play marketplace. The researchers say that users need to be sure the “Allow Unknown Sources” option is disabled in the device security settings. The malware is using the Cutwail Botnet for distribution.