Android malware has undergone explosive growth over the past two years. With a phenomenal multiplication percentage written in four-figure numbers every 12 months and claiming more and more victims worldwide, it has become so prominent that its caught the attention of the Internet Crime Complaint Center (IC3)Â – a taskforce including the FBI, among others.
Link to the Bitdefender Mobile Security on Google Play.
“The IC3 has been made aware of various malware attacking Android operating systems for mobile devices,” the warning on the IC3 website said. “Some of the latest known versions of this type of malware are Loozfon and FinFisher.“
Both e-threats are advertised as highly dangerous and contagious. While Loozfon is usually after usersâ€™ data, the FinFisher Trojan is a piece of spyware that reports the userâ€™s activities (phone calls, messages, e-mails and GPS positioning) to a command and control server.
What the FBI warning omits to say is that FinFisher is a commercial piece of spyware developed by UK-based software developer Gamma Group. This spyware has been used by a couple of governments (1), (2) for surveillance of their citizens.
Its advanced capabilities, paired with the fact that it has a version for any major smartphone operating system, have placed it among the favorite tools of cyber-crooks. The report does not say whether the specific FinFisher variant that the FBI identified is a commercial distribution of the Gamma Group or a piece of code obtained by cyber-criminals by reverse-engineering the commercial productÂ – a job that is as easy as 1, 2, 3 on Android APKs â€“ and then implemented in consumer-level malware.
â€œLoozfon and FinFisher are just two examples of malware used by criminals to lure users into compromising their devices,â€ states the report. If you have a smartphone, follow this link for a list of DOs and DONTs from the FBI. And make sure youâ€™ve got a mobile security product installed on it – itâ€™s as easy as reading the QR code above.