Sign in with
Sign up | Sign in

FBI Issues Malware Warning to Android Phone Users

By - Source: Internet Crime Complaint Center | B 30 comments

The FBI is warning Android device owners about Loozfon and FinFisher.

The FBI's Internet Crime Complaint Center (IC3) issued a warning to Android smartphone owners on Friday that point to two specific malware: Loozfon and FinFisher. The firm also provides a list of safety tips that will help protect smartphones from hackers.

In the public warning, the FBI said that criminals are using different versions of Loozfon. One scheme is a work-at-home opportunity that promises big money by just sending out email. Another scheme involves links to a subscription-based dating service that supposedly helps women meet rich men.

In both scenarios, when the user clicks on the link to find out more, they're directed to a website that pushes the Loozfon malware app onto the device. If installed, it then steals contact details from the address book and the user's phone number.

During the summer, Symantec said this particular malware targets female Android users in Japan. "If this trick does not work, the criminal group has another trick up its sleeve. It also sends spam that states that the sender of the email can introduce the recipient to wealthy men. When the link included in the body of the email is clicked, the malware is automatically downloaded onto the device," the firm said.

Symantec said the criminals are likely harvesting email addresses and phone numbers to send spam to the user's contacts in hopes to lure them to the fake sites and/or sell the data to another group of spammers.

But with the FBI now involved, it seems that the Loozfon scheme has reached the North American shores. The government is also warning device owners about FinFisher (or FinSpy), a spyware tool capable of taking over the components of a mobile device.

"When installed, the mobile device can be remotely controlled and monitored no matter where the target is located. FinFisher can be easily transmitted to a smartphone when the user visits a specific web link or opens a text message masquerading as a system update," the report said.

FinFisher is actually surveillance software developed by U.K.-based Gamma Group and sold to law enforcement channels. It was discovered being used to actively target dissidents is countries with an autocracy government system. It can be installed on a target device when the user accepts the installation of a fake update for commonly used software.

The FBI is now telling consumers to know the features of a smartphone when making a hardware purchase. They should also know the default settings, and turn off device features that are not needed to minimize the attack surface of the device. That said, does the FBI think some of this malware will come pre-installed right out of the box?

The FBI's list goes on to state the obvious: read the reviews on app markets, obtain malware protection, passcode protect the device, review the permissions of apps before installation, and more.

 

Contact Us for News Tips, Corrections and Feedback

Display 30 Comments.
This thread is closed for comments
Top Comments
  • 15 Hide
    nebun , October 15, 2012 10:21 PM
    is this warning really coming from the FBI....this is too funny
  • 15 Hide
    MAC_HATER , October 15, 2012 10:23 PM
    i like how im reading this article and its surrounded by ads that say "MAKE 900 DOLLARS AN HOUR BY CLICKING HERE" and "THIS OLD BAG FIXED HER FACE WITH $5 OF STUFF AND DOCTORS HATE HER _ CLICK HERE!"
  • 13 Hide
    damianrobertjones , October 15, 2012 10:19 PM
    @Robochump: The iPhone also has isssues and just because you have one does not make you no better or worse than someone that doesn't or someone that has another phone. Grow up as there's more to life.
Other Comments
  • 13 Hide
    damianrobertjones , October 15, 2012 10:19 PM
    @Robochump: The iPhone also has isssues and just because you have one does not make you no better or worse than someone that doesn't or someone that has another phone. Grow up as there's more to life.
  • 15 Hide
    nebun , October 15, 2012 10:21 PM
    is this warning really coming from the FBI....this is too funny
  • 8 Hide
    abbadon_34 , October 15, 2012 10:23 PM
    So that means you are safe as your troll for your rich husband? So nice the FBI has moved from investigating murders and terrorists to protecting gold diggers who still don't know to not click on spam
  • 15 Hide
    MAC_HATER , October 15, 2012 10:23 PM
    i like how im reading this article and its surrounded by ads that say "MAKE 900 DOLLARS AN HOUR BY CLICKING HERE" and "THIS OLD BAG FIXED HER FACE WITH $5 OF STUFF AND DOCTORS HATE HER _ CLICK HERE!"
  • 10 Hide
    math1337 , October 15, 2012 10:23 PM
    Android automatic downloading is a bit annoying. It should ask for a confirmation before downloading a file.
  • 0 Hide
    _Cubase_ , October 15, 2012 10:47 PM
    Really the FBI needs to understand that an Android phone is not something you can jump dump stuff on, it's not a big truck!
  • 10 Hide
    A Bad Day , October 15, 2012 10:49 PM
    otacon72I'd rather have Apple's closed system than deal with all the malware BS with Android.


    Well, I hope you're more than happy to torch your wallet than to be smart, go with Apple's loony map service, and risk having more features getting cut out.
  • 11 Hide
    wolley74 , October 15, 2012 10:51 PM
    MAC_HATERi like how im reading this article and its surrounded by ads that say "MAKE 900 DOLLARS AN HOUR BY CLICKING HERE" and "THIS OLD BAG FIXED HER FACE WITH $5 OF STUFF AND DOCTORS HATE HER _ CLICK HERE!"



    what ads? ;) 
  • 10 Hide
    dxwarlock , October 15, 2012 11:01 PM
    In both scenarios, when the user clicks on the link to find out more....

    People haven't learned yet NOT to do this? You cant keep stupid safe from everything I guess...

    I myself would hate to be the guy that had to write the 'warning' to people.
    "Hey people are getting bad malware on androids"
    "Hmm really? is it some bruteforce attack, or security hole being exploited?"
    "No...they are clicking links that say 'Get rich now!' or 'Rich guys looking to marry you!"
    "......really? your joking right..."


  • 4 Hide
    samwelaye , October 15, 2012 11:02 PM
    Wolley74what ads?


    exactly. sorry toms, but this is one site i dont have on my adblocker whitelist. Why? the ads are hardly relevant, and theyre animated a majority of the time. Animated ads = nono
  • 7 Hide
    Anonymous , October 15, 2012 11:27 PM
    I'm glad I have a dumbphone.

    For mobile, I have a laptop.
    For home, I have a PC.
    For a phone, I have a rock that I can throw at people.
  • 2 Hide
    halcyon , October 15, 2012 11:43 PM
    Its always something.
  • -1 Hide
    house70 , October 16, 2012 12:14 AM
    Meh... same common sense needs to apply. It's a portable computer, keyword being computer. Modern version of PEBKAC.

    Funny to watch the iTrolls coming out the woodwork, though. The fact that Apple has increased their ad-based "surveillance" with the latest iOS iteration doesn't seem to bother them a bit.
    Pot, meet kettle.
  • 2 Hide
    kanaida , October 16, 2012 12:17 AM
    This is nonsense. This is a commercial software package that is sold specifically to government agencies for the purpose of spying on people.
    Quote:
    FinSpy is a field-proven Remote Monitoring Solution that
    enables Governments to face the current challenges of
    monitoring Mobile and Security-Aware Targets that
    regularly change location, use encrypted and anonymous communication channels and reside in foreign
    countries.
    Traditional Lawful Interception solutions face new challenges
    that can only be solved using active systems like FinSpy:
    · Data not transmitted over any network
    · Encrypted Communications
    · Targets in foreign countries
    FinSpy has been proven successful in operations around
    the world for many years, and valuable intelligence has
    been gathered about Target Individuals and Organizations.
    When FinSpy is installed on a computer system it can be
    remotely controlled and accessed as soon as it is connected to the internet/network, no matter where in the
    world the Target System is based.
  • 2 Hide
    kanaida , October 16, 2012 12:18 AM
    Quote:
    Usage Example 1: Intelligence Agency
    FinSpy was installed on several computer systems inside
    Internet Cafes in critical areas in order to monitor them
    for suspicious activity, especially Skype communication to
    foreign individuals. Using the Webcam, pictures of the
    Targets were taken while they were using the system.
    Usage Example 2: Organized Crime
    FinSpy was covertly deployed on the Target Systems
    of several members of an Organized Crime Group. Using
    the country tracing and remote microphone access, essential information could be gathered from every meeting
    that was held by this group.
  • 2 Hide
    house70 , October 16, 2012 12:18 AM
    otacon72I'd rather have Apple's closed system than deal with all the malware BS with Android.

    Wish granted. Enjoy your "golden" prison.
  • 1 Hide
    kanaida , October 16, 2012 12:25 AM
    Apparently you didn't notice that it also supports IOS so you're screwed.
  • 1 Hide
    kanaida , October 16, 2012 12:26 AM
    supports iOS, Android, Windows, Blackberry, and Symbian phones.
Display more comments