Phones with Android operating systems are threatened by a new type of virus, one that mimics the interface of a computer program and holds hostage the phone, trying to force the user to pay a reward, according to Symantec.
The fake type antivirus malware (FakeAV) has arrived on mobile phones with the Android operating system. They take the phone prisoner until the user accepts to make an online payment to purchase a “full version” of the program.
How the fake antivirus works?
The virus gets on your mobile phone as an update of a program. Once this update is installed, which masks the fake antivirus, a shortcut is created with the name Android Defender (this program actually exists and is available in Google Play), in the example video by Symantec.
In a new window, the user is notified that an antivirus program has found several infected files after scanning. The user is then notified that he can ignore the scan results or can buy the full version of the program to remove the threats. The FakeAV program opens itself the connection for wireless or data traffic.
After that, the virus will block the phone but, if the user tries to press the ignore button, the other applications will no longer be accessible and no application can be deleted.
Because of compatibility issues, the fake antivirus will shut down the phone if the home button is pressed. After restarting, the story is repeated, and at one point, the virus alert the user that someone is trying to steal pornographic content from the phone and can get rid of the threat if he/she deletes the infected files found by purchasing the full version of the “antivirus”. At this point, the phone is completely blocked.
According to Symantec, this type of virus is difficult to remove after it infected the phone, an infection that can be prevented by using real antivirus programs. In some cases, users can not even reset the phone to factory specifications and need to connect the smartphone to a computer and use software from the manufacturer.
Reply