Google had recently upped the security of it’s Android Market, scanning apps for possible malware and deleting such apps which contained any. However, it would seem that the authors of Android malware had adapted quite fast. According to security firm Sophos, the Android malware is now spreading the Facebook app, rather than directly through the Android Market.
According to a security researcher, “A few days ago I received a Facebook friend request and, as is usual, used my Android smartphone to check out the details of the person before I decided whether I wanted to become “friends” or not. As the following video demonstrates, a link on the user’s Facebook profile redirected my browser to a webpage that downloaded malware automatically onto my Android phone.”
The malware package that is used to infect the devices any_name.apk. What it does is that it start calling premium rate numbers without getting the consent of the user. Naturally, the outcome is that the user is ripped of his money, and sometimes this continues for quite some time before the user eventually discovers it.
It’s a popular trick pulled by malware authors because it’s easy to pull and can be used to easily fool the user.