Have a good, close look at the image above. That's how the latest piece of malware will be trying to trick you into installing it -- by trying to get you to believe you're at the Android Market. The malware is called GGTracker, and it will try to sign you up for premium text messaging, leading to extra charges on your cell phone bill.
The people over at Lookout came across it, and wanted to be sure we all share the not-so-good news about how this one operates. It happens when you click a malicious in-app advertisement -- your browser opens to the URL in the image, looking just like the Market, in hopes that you'll install the fake application (in this case a Battery Saver app). Also spotted was a version that claims to be an adult app (com.space.sexypic). After you click to install it, you're directed to install it via the download notification. For now, it doesn't appear that this one is in the Android Market -- which means it might stay around for a while.
There are three easy ways to prevent this:
- Disable sideloading completely (or use AT&T as your carrier -- zing!)
- Use Lookout premium's Safe Browsing feature
- Pay attention to what's happening. The Android Market will never open in your browser. You'll also never be prompted to manually download an app from the Android Market.
This may be a no-brainer to many of us, but be sure to let your not-so-Android-savvy friends and family know. This comes with the territory, folks. Combine popularity with the ability to install any apps you like, and there's bound to be an ^&$#*@! or two out there. It's no fun for anyone, but I'll still take it over the alternative.
Source: Lookout blog