Battery saving app infects over 60,000 Android devices
Researchers at RiskIQ have uncovered a scam app that seeks to steal information and launches advert clicking to make money for the scammers.
The app is advertised as a battery saver. The twist here is that though it will actually do what it says and cut battery use, it does a lot of nasty stuff too.
"Many of the millions of scams we crawl at RiskIQ are relatively straightforward, but every once in a while we find something unique," say researchers Aaron Inness and Yonathan Klijnsma writing on the company's blog. "Usually, scams point to other web pages, but in this case, we noticed one that redirects victims who click to Google Play, where they are served a malicious app."
The infection starts with a scam online advert saying that a clean up of the device will improve its performance. Clicking either Install or Cancel takes you to a play store page to download the app. Clicking the back button on the ad page generates a pop-up to try to persuade you to proceed.
Once installed the app does indeed monitor battery status and kill off processes that are consuming a lot of energy. However, it also includes an ad-clicking backdoor and will steal information from the device including the IMEI, phone numbers, phone type, brand and model, location and more. It also has the ability to read SMS messages which the hackers use to deliver ad links for the app to click.
You can read more about the scam and see screen shots of it in action on the RiskIQ blog.