We recently found an Android malware that comes off as a variety of applications in a China-based third-party app store.
The samples we were able to acquire came in the guise of a love test app, an e-book reader, or a location tracker. It is immediately noticeable that the said apps do more than these are supposed to based on the permissions these seek.
This particular Android malware detected as ANDROIDOS_LUVRTAP.B automatically executes once an infected Android device is rebooted.
Upon execution, it retrieves the affected users’ International Mobile Subscriber Identity (IMSI) and sends it to a certain URL. It also sends text messages to subscribe to certain services, which eventually lead to unwanted charges for the affected user.
The apps have been taken down from the app store. Users are, however, strongly advised to be extremely meticulous when it comes to installing apps in their devices. Take note of their descriptions, make sure the permission requests apps seek are valid, and watch out for any suspicious routine such as automatic text message sending.
Learn more about keeping Android devices safe from malware through our e-book, “5 Simple Steps to Secure Your Android-Based Smartphones.”