PetaPixel

Malware Disguised as Night Vision Camera App Empties Your Wallet

416081274917

With 98% of mobile malware being directed towards the Android operating system, it’s no surprise that the Google Play Store contains more than a few insidious applications that intend to do you harm.

The most recent of these to make headlines is an app uncovered by AVAST, which hides behind the thin facade of a night vision camera app and does its best to empty out your wallet.

Called Cámara Visión Nocturna — Spanish for “Night Vision Camera” — the “camera” app (which looks to have been taken down) asks to make use of some suspicious permissions upon downloading it, giving it access to messaging apps, such as ChatOn and WhatsApp.

google-play-logo

From there, AVAST says it sends the numbers from those apps to its servers, where it secretly signs you up for a suspicious SMS service, for the low price of $2.80. That’s only the beginning though. Once signed up it’ll continue sending out messages without your knowing, bringing the total bill up to $50 per month.

This isn’t exactly an isolated incident on the Google Play Store, nor does it mean other mobile operating system are safer — as iOS’ latest security flaw points out — but it does go to show that you should do your research before purchasing an interesting app… you never know what it may be doing behind the scenes.

Overall, just be aware of what you’re downloading and pay particular attention to what permissions it’s asking for. Android tends to be much more lenient on that end, but it can happen on any system.

(via AVAST via PC World)


Image credits: Screenshot provided by PC World


 
  • Alan Klughammer

    When you install something on any computer, check to make sure it is doing what you want. Computer Trojans have been around almost since the advent of computers.

  • Dhaval Panchal

    Nobody seems to give a cr*p these days though. The average user just accepts the permissions no matter what. Just have a look at the vine app’s permissions, for example. Not very happy with those.

  • Alan Klughammer

    I do blame the proprietary software companies. With unrealistically long TOS and a “click to continue” mentality, we have all been trained just to click on “next” without really paying attention.

  • OtterMatt

    If you’re on a desktop, a process sniffer and malware protection are your best friends. If you’re on mobile, you better hope you have common sense, because that’s all that you’ve got.

  • Andrew Kandel

    Wait, a company that markets their product towards peeping toms is shady? Who can you trust these days.

  • Mike

    HAHAHA whoever was daft enough to believe this almost deserved it.

  • Dhaval Panchal

    I find this very useful. https://twitter.com/ToSDR

    For the TL:DR society we live in today.

  • Bearr

    I use Lookout on my android phone. It scans apps for malware.

    I’m always amazed at how easily we give our details to apps. I would never dream of just handing over name, address and bank account details to any old website, but an app I just downloaded? Yeah, sure, no problem!

  • Stupid Permissions

    I haven’t updated my Vine, FB or Twitter apps in a while because of the permissions they added a few versions ago. Honestly about to uninstall all of them because of it.

  • ThatGuy

    The best protection against any type of malware is your brain.

  • ThatGuy

    Yes, Lookout works really good. I’ve used it for a few years and have never had any malware problems.

  • http://www.shinyphoto.co.uk/ Tim

    Sorta.
    Nothing stopping you use common sense on a desktop – you wouldn’t need so much anti-malware if people were more clueful.

    And on mobile, there are anti-malware things – LookOut and AVG to name but two.

  • http://www.shinyphoto.co.uk/ Tim

    It is proprietary-ness in general at fault, including the ludicrous idea that Google can tell you what’s safe whilst not manually vetting every individual APK that comes their way. Don’t trust the messenger, trust what it’s trying to do!

    Or, better still, get your apps from F-Droid; everything open-source, flags when they promote non-Free addons or services. GnuTLS notwithstanding, “don’t be evil” notwithstanding, I’d rather the world was more open and distant from monopolies, even Google.

  • Steven

    Yes, and we all saw what South Park did with the Apple EULA

  • Dhaval Panchal

    Yeah my fb app is saying it will email ppl in my address book without my consent! WTF is up with that?! Just SCREAMS spam

  • http://www.CameraPhoneCash.com/ CameraPhone Cash.com

    Scary stuff that an App on your phone can drain your bank account if you’re not careful!

  • Leo Cavallini

    Avira app