Facebook Buying Instagram Sets Off Android Malware App Feeding Frenzy

April 26, 2012

News that Facebook was buying Instagram, a free photo sharing program, for $1 billion in cash and stock, had the same effect on cybercriminals as bloody chum in the water has on sharks.

Suddenly fake websites advertising Instagram apps for Androids started turning up faster than musicians at a free post-concert buffet (If you’re wondering how fast that is, get in a position to watch a table full of free food after a concert. But, don’t get too close. We wouldn’t want you to get hurt in the rush.)

Anyway, these fake websites advertised free Instagram app uploads which hid Trojans that had users sending outrageously expensive international text messages. Presumably the creators of the malware made their money by getting a percentage.

According to zdnet.com, Sophos, which first discovered the malware, identified it as “Andr/Boxer-F”. Noting multiple photos of a man in the apk file (a packaging file format for the Android operating system), the company speculated that the photos were included more than once to change the fingerprint of the file, trusting that rudimentary anti-virus scanners wouldn’t be able to detect the difference in fingerprints.

While these cybercriminals may not be the smartest people technologically, they do know a good thing when they see one. zdnet.com reported, “A day after the acquisition announcement, Instagram became the top free iPhone app on Apple’s App Store, and Android downloads have been off the charts (way over 5 million in less than a week, though Instagram has yet to share official numbers).”

ThreatMetrix™ doesn’t have an answer for people looking to download free apps without going to an official site. However, ThreatMetrix does have the best shark repellent on the planet when it comes to keeping enterprises safe from attack.

ThreatMetrix offers a complete package of online protection including secure browsing technology that protects smart phones and other devices against malware and stops man-in-the-browser (MitB) attacks. The ThreatMetrix™ Cybercrime Defender Platform is the first industry solution that integrates sophisticated malware detection and advanced device identification technologies in a single, unified platform. This unified approach to cybersecurity is a game changer. By integrating malware detection and device identification with shared, centralized intelligence, ThreatMetrix delivers the unique ability to protect the integrity of entire online transactions. And, it’s done without relying on passwords, user names and cookies to protect its clients. The ThreatMetrix Cybercrime Defender Platform uses anonymous data from the computer, its connection to the Internet and contextual data from a transaction to sniff out cybercriminals of all types, as well as spies and hackers.

 

Posted by Dan Rampe Categories: Andr/Boxer-F malware . Android malware . Android mobile fraud . Android.Opfake.B . Android/FakeToken.A . Botnets . Cookie wiping . Cookieless Device Identification . cybercriminals . Device Detection . Device Fingerprint . Device ID . Device Identification . Facebook . Facebook Malware . fraud . Hackers . Hacking . Instagram malware . Malware . malware prevention . malware protection . man-in-the-browser attack . MitB . MitB Trojan . Online Fraud . personally identifiable information . PII . ThreatMetrix . ThreatMetrix Cybercrime Defender Platform . Trojans . TrustDefender Client . TrustDefender Cloud . TrustDefender ID . TrustDefender Mobile

source: www.threatmetrix.com