Android Security Alert: New Trojan Charges You for Premium SMS Services

Well, that’s clever. Lookout Mobile Security posted on their blog today on a new type of malware targeting Android users via advertisements. The malware is dubbed GGTracker. What’s unique about this malware is that the app isn’t actually found in the Android Market but instead through in-app ads. Sneaky. Upon clicking the ad, you will be taken to a webpage mimicking the Android Market and from there entices you to install a “Battery Saving” app or an adult “Sexy Pics” app. Once either app is installed, the app will sign you up for premium SMS services like “Find Your Jersey Shore Name” (mine was The Salivation) which you may not notice til your next phone bill.

I know most people out there will say, “If you’re dumb enough to install an app from a webpage, blah, blah, blah..” that doesn’t really take into account all the thousands of new Android users who may not be aware of how this stuff works (or that malware even exists on their phone).

As is always the case, Lookout’s wants you to know that you could prevent malware and trojans such as this by installing their mobile security app — or you could exercise a littl bit of caution, common sense and disable the side-loading of apps in your phone’s settings. I don’t think Mom really cares to know what her crush’s name is via SMS.

[Via Lookout]

Continue reading:




  • Thenefield

    Wow this clever. Its also ironic that this “new” trojan becomes identified right after Lookout releases an update to protect against it and said feature is only available to Premium users. Just saying.

    • Jeff432

      I think Lookout is creating a lot of these “viruses” themselves.

      • http://twitter.com/TwiTati Tati

        looks like the site has been taken down.

    • MaddmattH

      Troll posting rubbish. Lookout protects from viruses for FREE.

      It’s a genuinely useful app, it tracks a missing phone too. Also for free.

      It’s not the only one of course.

  • HalfwayCrook

    Well come on now. First off, you have to enable the option to download apps from outside sources, which is unchecked at default. So most people wont affected. And this isn’t really a problem with market, so I don’t see a problem here. I wonder how much Lookout pays you guys… That, or my fanboyism is clouding my judgement :/

    note:edited to mention Lookout sponsored this website.

  • ILIkeBubbles

    so… it looks like phandroid has adopted Lookout as their official security app. is there a real endorsement here? should i download this app? Why haven’t we heard about any other security apps? i’m sure that Lookout isn’t the only one doing Android malware research…

    • http://twitter.com/gamercore Chris Chavez

      I think there is an AVG one on the Market. I, personally don’t use any type of security apps simply cuz I always know what I’m downloading and I don’t try to download free apps off the black market. =p

      • eclipsenyou

        Even you should know that your practices aren’t 100%.  There have been dozens of instances where malware has made it to the Market. Just because you “know” what you’re downloading, doesn’t make it safe.
        Personally I use Lookout and it scans every app downloaded to my phone.  Peace of mind is a great thing!

        • http://www.facebook.com/bleleux Brian Leleux

          Most of the apps that did make it to the market were “sexy girls” and the 1 billionth copy of a similar app. With the Android market, there’s probably at least 2 versions of apps that do the same thing. You’ll always have a choice and usually the better one is obvious when compared to one of these malware apps.

  • Jonnyboyca

    I always thought anti virus companies are the ones who create the viruses

  • Jeff432

    It’s extremely obvious that Lookout paid this blog to post this article so then we download this app.

    STOP THE PAID ARTICLES.

    • http://twitter.com/gamercore Chris Chavez

      If that was in fact true, I would have written that the ONLY way to prevent malware would be to use their app..

      I’m actually kinda leaning towards the conspiracy that Lookout may be making all this malware they’ve been discovering o_O

      • HalfwayCrook

        Sounds like something someone endorsed by Lookout would say.

        • ScottColbert

          That sounds like something that someone with a tin foil hat would say.

          • Jeff432

            That sounds like you’re working for Phandroid

          • http://twitter.com/gamercore Chris Chavez

            This will never end! Hahaha! xD

          • HalfwayCrook

            Get off my dick, bro. You’re f***ing trolling half my comments.

    • ILIkeBubbles

      paid articles? really? how often do you read phandroid? do you KNOW any of these guys who write the articles? Why are you trolling?

  • Jeff432

    Lookout and other security apps are totally not needed.

    They simply just slow down your device.

    • eclipsenyou

      Wrong!  The only time Lookout is utilized is when you’re downloading an app and it takes all of 5 seconds to scan said download.  And if you’ve set it up to scan your phone on a weekly basis, which takes about 20 seconds.  This app does not slow down your phone, nor does it use up your battery. 
      Don’t knock it if you haven’t tried it.

      • AD1980

        I’d like to know if it’s ever actually been useful though.  Looking over the past few weeks of Android malware events it appears that some 3rd party finds out about malware and informs everyone.  Lookout then starts monitoring for it at the same time that Elgoog removes it from the market.  But if it’s no longer in the market, then I don’t need Lookout to look for it.  It appears completely retroactive and useless unless you’re downloading from shady 3rd party websites.  And in that case, you’re kind of asking for it anyways.

  • B2L

    Of course Chris knows his Jersey Shore name. Lol.

    • http://twitter.com/gamercore Chris Chavez

      o_O

  • Mattk15

    Lame!!!!

  • http://twitter.com/nrbovee n.r. bovee

    Or you could root your phone and install AdFree, and you won’t see any ads to be clicked on. All I see are little blue question marks.

  • Chimphappyhour

    The fact remains that it is still a matter of having to actually download an actual app before you get infected. What’s dumber than downloading Sexy Big Breasted Japanese Babes from some off developer in the market? Downloading anything you find in any ad on anything electronic. Doing so would be like being the proverbial individual who was “born yesterday”.There is nothing new here. Just someone trying to generate scary headlines. Who owns Lookout?!? Apple by chance?

  • saimin

    Just disable all pay SMS on your phone and use Google Voice to send free text messages.

  • BloodKil

    Really???  My 3 year old knows not to click on adds on the computer or on my phone…  Not saying that there are not people stupid enough to do so, but if they are that stupid they would probably never find their way to this website, as they would have 50 pop-ups open on the first 30 seconds of starting their browser.  (at least I think pop-ups still exist…?)

  • y0 mamma

    Adblock FTW!!

  • ScottColbert

    No, your being a tool is clouding your judgment.

  • William Eldridge

    If malware is being distributed by one or more ad networks, whether intentionally or because the ad network is compromised (which has happened frequently with web advertising services over the past few years) any app that displays ads can become an attack vector. Combine that with the fact that many apps put the ads at the bottom of the screen right above the home/back keys, and it is very possible that even experienced users could end up downloading malware delivered in this way.

    Right now, in this attack, there are ways to protect yourself, for example by disallowing non-market apps (which is great if you haven’t been lured in by Amazon App Store) but future attacks may find ways of making Android think the download is being triggered by the app itself. Personally, I think this is just the opening salvo of a threat that really shouldn’t be dismissed too casually.

  • Jomama

    How come Lookout is the one always finding this malware?