Mysterious Android malware puzzles GoMo

And it’s hosted by Amazon

source: jason samuels

Here at GoMo Towers we’ve been puzzled by the mysterious appearance of an Android malware attempted installation scam. The puzzle is that we (and it appears we’re not alone), can’t figure out where the fake warning message has come from. We’re particularly indebted to Jason Samuels, IT Director with the National Council on Family Relations for documenting his encounter with this piece of malware on his Tech Thoughts blog here.

If you fall victim to this same attempted malware scam, the message you will see reads, “check your ANDROID NOW for a virus!”

Actually, the message is the virus – a technique which we’ve seen many times before in the Windows/PC environment.

What puzzles us is that the scam is actually hosted on the Amazon Web services site as you can see from the URL – fileserving5323.s3-website-us-east-1.amazonaws.com.

We’ve removed the http:// just in case any reader accidentally clicks on it.

Now, Mr Samuels reported this scam to abuse@amazonaws.com some weeks ago but it’s still there.

GoMo News is wondering that given Google runs Android and Google is a major competitor, it can’t be bothered to do anything about it.

Which would be strange. given that the Amazon Kindle range are Android powered devices.

Anyway, if you are foolhardy enough to click on the link, then the ‘app’ will detect that you have a virus called Mobile OS/Tapsnake which is one of the first ever Android Trojans.

And from there you will be lured into installing/purchasing malware to get rid of a non-existent virus.

What is puzzling GoMo News in particular is the source of this dangerous message. Because it doesn’t seem to be related to any site in particular.

We’ll just have to ask our mobile security expert friends if they can shed any light on this.

About Tony Dennis

Tony is currently Editor of GoMobile News. He's a veteran telecoms journalist who has previously worked for major printed and online titles. Follow him on Twitter @GoMoTweet.
This article was published in Amazon, android, google, mobile security and tagged , , , , . Bookmark the permalink.

One Response to Mysterious Android malware puzzles GoMo

  1. Lord Muck says:

    More than likely, it’s triggered from in-page adverts!

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>