androidmalwareBAD

PSA: Mobile web users are being redirected to a malicious system update website

Something weird is going on for those using mobile browsers like Google Chrome, and you should definitely know about it. Folks over at AndroidForums.com are reporting that they’re randomly being redirected to a website that claims to be installing a system update, as well as a popup alert that states your device is out of memory. Here are a couple of screenshots showing what it’d look like should you be unfortunate enough to come across it:

The website’s URL begins with “system.androldupdate.com” (note the lower-case L in place of an I in the word “Android”) and the page is made to look like an app update screen. Said page claims to be delivering a “System Kernel UI upgrade,” a strange one considering Google would never issue a kernel upgrade in this manner. The issue rears its head on a wide range of devices, including the Nexus 5, the ZTE Warp and the Samsung Galaxy S3.

Thankfully the Android Forums community is cautious enough to steer well clear of clicking anything on this page so we’re still not sure what, exactly, it’s attempting to do. There’s a chance it could attempt to download malware onto your device if you click anything on the page, though without any confirmation we can’t outright say that’s the case.

But more than what it does, we’re particularly worried about how all these different people seem to be exposed to the malicious page. The page reportedly loads at random when visiting a number of different trusted sites, such as NBC News, ABC or Cracked.

The early belief is that an ad network used by these sites have been infiltrated by a rogue ad that can take you from your intended destination to this deceiving page, something that certainly isn’t outside the realm of possibility considering it’s happened time and time again. All three of the aforementioned websites have one common denominator: they all use DoubleClick, Google’s widely-used premium ad-serving platform.

But that’s just the initial thought. The fact is much of the details about this are still unknown, but we’ll be looking to dig to the bottom of the story as more discussion takes place. Unfortunately Phandroid staff have been unable to reproduce the issue when trying to visit the aforementioned websites.

In the meantime we’ll be doing our part by contacting Google and seeing if they can shed any light on what’s going on (or if they’re even aware of the situation at all). Let us know if you’re seeing the same weirdness when browsing websites using Google Chrome, and by all means partake in the discussion at Android Forums so we can gather more information and perhaps get to the bottom of this concerning situation.

Oh, and this should go without saying: if you’re unlucky enough to come across this page then we advise you to close the tab immediately and don’t interact with anything on the website, and we urge you to leave a comment below or at AndroidForums letting us know what site you were visiting when you encountered it.

Exit mobile version