The news arrived from the FBI via the Internet Crime Complaint Center (IC3) division, warn the owners of Android smartphones about the appearance of new malware targeting this category of devices.
According to IC3 – the organization responsible for investigating allegations of criminal activities in the online environment, "Loozon" and "FinFisher" are the latest known versions of these forms of malware, each with a slightly different operation mode.
One of the strategies used to attract victims involves displaying a message that the phone owner is lured with job offers that involves working from home, at a substantial salary and offered in exchange for sending emails. The message contains a link that leads to a website infected with Loozon, the user being instructed to click on the link for more information about the job offer. Once infection has occurred, the malicious app extracts all the information stored in the address book along with the infected phone number.
FinFisher is a form of spyware that can take control over certain parts of the mobile phone, so that once infection is produced, the device can be controlled and monitored remotely, regardless of the location of the victim. Infection with FinFisher malware can occur when the user accesses using the Web browser a website or an infected link, or opens a text message disguised as an Android update.
IC3 provides some recommendations for protecting mobile phones, such as turning on the encryption feature in order to protect personal data in case of loss or theft, installing antivirus software for the smartphone, creating an access password and avoiding using untrusted public wireless networks.