Android apps are targeted because the Android ecosystem is open and therefore easier to exploit. The attacks use a form of hacking dubbed “spear phishing”. There are currently three known phishing attacks that have affected the Android community.
One of the attacks is known as Loozfon, and in one instance, appears to a user as a work-from-home opportunity. A user receives a text or an email on his Android device and when he opens the link, Loozfon sends the malware through to the phone. The goal of the Loozfon attack is to steal contact information from a user’s device.
The second piece of malware is called FinFisher. FinFisher operates in the same way as Loozfon does, by sending a text message or email to a user’s phone. The message to the user appears as a system update but instead of updating the operating system, FinFisher allows the hacker to remotely control the user’s phone. Some hackers simply create applications masquerading as games and let the app install the malware once a user downloads and opens the game.
Clearly, all of the attacks can be very damaging – by compromising users’ personal data – and are designed to deceive consumers into downloading them. Because the attacks can be used to extract data such as transaction details or credit card numbers, it is imperative that everyone in the mobile application and platform pipeline be aware of, and works hard to combat, the potential of cybercriminal attacks.