14 DAY TRIAL // Google Play customers should be on the lookout for applications infected with the Android.Opfake malware. The apps it hides in are advertised as being free, but those who download them can end up paying large amounts of money for their carelessness.
The Opfake malware particularly targets Russian users, sending SMS messages from their Android devices to premium rate numbers, Symantec experts report.
A recent scheme in which the piece of malware is being utilized starts on a fake Android app site which serves a file that apparently represents a popular application called “Talking Tom Cat.”
After the program’s alleged installation process is completed, the fun begins. In reality, what the user installed is the piece of malware, but in order to avoid raising any suspicions, the cybercriminals that run this campaign came up with an idea.
When the app is first executed, a “license agreement” is displayed which actually details its true purpose: the fact that it will charge money from the victim.
At this point, the user has no other choice than to press the only button displayed on the screen. In the next phase, a URL is shown which opens a website that contains a list of links.
The first link that’s displayed actually points to the legitimate and free “Talking Tom Cat” hosted on Google Play.
Even if the user realizes that he/she has been scammed, it’s too late. The SMS has already been sent to the premium rate number during the fake installation process.
As we’ve mentioned before, even Google Play occasionally serves malicious applications, but at least the chances of ending up with a piece of mobile malware are slimmer than if you install something from a shady-looking third-party market.
Remember! Always check for the permissions an app requests during the installation process. A “talking cat” shouldn’t ask for the right to access services that cost money.