Last week we reported on a piece of malware called MMarketPay that was purchasing paid apps on Android devices without notifying the user. This time, a new piece of malware is making its rounds, and what makes this one dangerous is the fact that it pretends to be an app that many users know and love: Skype. Not only does it pretend to be this very popular instant messenger/calling app, but goes as far as to send SMS messages to specific phone numbers without the consent of the user. But that’s not all. What’s really dirty is that the money you have to pay for those unapproved messages goes straight to the pockets of the rogue apps developers.
It basically works like this: The app presents itself as the standard Skype app, and once downloaded, it immediately begins sending messages to those premium rate numbers, which in turn costs the user money, and then goes directly to the malware makers. The biggest issue is that you’ll most likely only see the the charges for the messages when your next bill arrives. Even if the victim realizes that it’s a fake version of Skype and uninstalls it, many will most likely forget that they accidentally downloaded the fake app, making it very confusing to track down where the extra charges came from.
The fact that the malware hides itself as an insanely popular app is what makes it so dangerous. Skype is an established and trusted brand with over 663 MILLION users, and most smartphone users won’t think twice about hitting the download button for it. Since the app can also make telephone calls, the rogue apps request for SMS permission would also seem logical, making this particular piece of malware a pretty dangerous one.
So please guys...make sure that you’re downloading your apps from legitimate sources before pressing that download button. A member of Microsoft’s Malware Protection Center summed it up perfectly by saying:
“Just as you would when taking care of any valuable property, mobile users need to take appropriate security measures and precautions”.
Stay safe out there guys, and always double check before pressing that download button!
Picture credits: proaudioboutique.com, twiv.tv, spkcomputing.com, and wallpapers.free-review.net (edited by myself)