SOURCE: TrustGo Mobile

TrustGo Mobile

October 17, 2012 15:11 ET

TrustGo Security Labs: New Threat Targets Popular Mobile Security App

Advanced Malware, Found on Google Play, Disguises Itself as App Update

SANTA CLARA, CA--(Marketwire - Oct 17, 2012) - TrustGo Mobile Inc. (TrustGo), a leading mobile security company, today announced TrustGo Security Labs discovered a new and dangerous virus on the world's leading Android app marketplace, Google Play. The malicious code was hidden within an app named, "Updates" by developer Good Byte Labs (Package name: com.updateszxt) and was designed to look like an update to the Lookout™ mobile security application.

Dubbed Trojan!FakeLookout.A by TrustGo Security Labs, the malicious app steals user SMS/MMS messages and video files, as well as all the files on the user's SD card and transmits them to a remote FTP server operated by the malware maker. With these functions, the virus has the potential to cause significant privacy breaches and to expose all the sensitive personal and business data on users' devices to malicious actors.

The new malware is significant in that it hides its presence on the infected user's device by removing itself from the device's full Application List, leaving only a false and misleading icon in the Downloaded Apps list that uses the familiar logo of Lookout, and the name, "Updates." The offending app was first seen on October 15, 2012 and positively identified as malicious just 36 hours later. TrustGo immediately notified Google of this new virus and confirms that the infected app has been removed from Google Play, limiting the infection to a small number of users. TrustGo has also alerted other app marketplaces that have been found to contain the threat.

FakeLookout.A indicates a new approach being attempted by malware makers. The virus-containing app sent its stolen data to a domain hosted in Thornton, Colorado that also hosts a malicious website. The site contains a Trojan file that targets multiple platforms including Windows, Mac and Unix/Linux operating systems. This malicious program is able to drop different Trojan files, depending on the user's operating system.

"The brazen use of a trusted app's logo shows just how aggressive malware makers are becoming," said Xuyang Li, CEO of TrustGo. "These fake apps not only put users' data and privacy at risk, they can damage the reputation of respected developers. TrustGo continually monitors new apps uploaded to more than 185 marketplaces worldwide and is able to provide App Certification and Brand Protection services that alert developers when malicious clones and apps that falsely use their logos have been found."

TrustGo's SAFE App Reputation cloud services are updated immediately when new threats are discovered. Users of TrustGo's free Antivirus app are automatically protected from Trojan!FakeLookout.A and thousands of other malicious and risky apps. For a detailed description of this new virus visit http://blog.trustgo.com/fakelookout.

Quick Tips for Securing Your Android Device

  • Download TrustGo Antivirus™ app so you can:
    • Check the security of every app before downloading with TrustGo Secure App Finder Engine (SAFE)
    • Scan malware in real time to ensure that new apps you're downloading are not malware, malicious clones or compromised by High Risk behaviors.
    • Browse the web securely as TrustGo will notify you instantly when a site you're browsing is malicious or part of a phishing scheme.

TrustGo Services for Developers

  • TrustGo App Certification and Brand Protection:
    • Track and monitor "Tip," "Cheat," "Fan Apps" and other apps that use the developer's brand names, app names, logos and descriptions
    • Identify and report malicious clone apps, re-packaged apps with malware or adware additions, cloaking schemes using developer branding, user registration re-directs, etc.
    • Assist in the removal of offending apps on global marketplaces

About TrustGo Mobile Inc.
TrustGo, a Santa Clara-based mobile security company, provides Android users the freedom and confidence to find, download and use the apps they love, wherever they find them. Dedicated to providing the ultimate security platform for Android smartphones and tablets, TrustGo's app offers a comprehensive suite of advanced security and mobile device management (MDM) features to the consumer for free. In addition to protecting users against traditional threats such as malicious app activity, privacy breaches, identity leaks, device loss and theft, TrustGo prevents users from downloading dangerous apps through its Secure App Finder Engine (SAFE). TrustGo was founded by web security veterans in 2011. TrustGo is available now on Google Play. (https://play.google.com/store/apps/details?id=com.trustgo.mobile.security). For more information, visit TrustGo at www.trustgo.com

Contact Information