Google removed the app iMessage Chat for Android from the Play Store yesterday after discovering it’s not exactly what it claims to be.
The iMessage for Apple products allows users to send text messages via WiFi for free without incurring the charges or limitations we typically see with a phone plan. It’s a popular app and I can see how an Android version could be well received, with some iPhone users switching to Android.
According to researchers, the suspicious iMessage app could potentially steal Apple ID’s, passwords and is capable of downloading additional APKs.
Along with stealing credentials it could capture your SMS messages, which might contain confidential data you probably don’t want being exposed or sold.
Smartphones no doubt make our lives easier and it’s great having so many resources available at our fingertips.
Mobile banking is one of those resources, with banks have made very feature rich apps that allow us to access our account, deposit checks, and money transfers.
Malware writers know this and have been trying to make an impact on Android’s banking app for some time now. There have been a several families with some of the same gangs targeting PC’s also targeting mobile such like Zeus and SpyEye.
A few days ago, an advertisement for a zero-day vulnerability in Firefox for Android appeared on Inj3ct0r, an exploit database.
The author, “fil9″, was just registered to the site last month, and claims the exploit works on Firefox versions 23/24/26(Nightly) for Android.
Malware authors creating fake Android markets where they provide a familiar look and feel of the real Google Play to exploit users is not a new concept, and we’ve talked about it in previous blogs.
Recently, we’ve found fake markets that are created with such detail that it’s almost hard to tell the difference between which is real the real Google Play and which is a scam.
Last week we blogged about how 79 percent of mobile malware was directed at Android and that SMS Trojans represent half of all malicious applications.
While most SMS messages are free or very cheap, there’s a special category called “Premium SMS” where each message you send can cost you up to $10.
But there’s a SMS fraud network that is particularly active in Eastern Europe and involves trojanized apps luring users with the usual culprits: fake software updates and porn.
Our journey starts with a standard (non-rooted) Nexus 4 phone: