Having to deal with malware is not an uncommon disclosure for Android device owners. Most of them unknowingly install apps that are packed with some form of malware. The newly discovered malware called ‘Gazon’ takes the same route: cloaking itself as an Amazon voucher app before using a victim’s contact list to infect new targets.
The malware is used to send messages to a victim’s phone contacts that are linking to supposed offers for Amazon vouchers promising a $200 gift (non-existent). When an Android device owner opens these messages, they try to install malware that restarts the whole process and introduces a new wave of scam messages.
The malware attack managed to generate more than 16,000 user click throughs across different channels, including email and social networks such as Facebook, infecting users in more than 30 countries, since surfacing on February 25. The primary distribution channel was SMS, accounting for more than 99 percent malicious messages, reported AdaptiveMobile.
The firm said the following in a release:
“This is the fastest growing text-message malware targeting Android that has been seen to date.”
The malware functions as following: the target gets a personalized text from a contact of friend reading “Hey (name), I am sending you a Amazon Gift Card worth $200. You can claim it here,” followed by a malicious link. Because the message looks like it was sent by a genuine contact, the user is likely to click.
Users then receive a prompt to download the “awards app.” In one case, users were asked to take a survey, which enabled hackers to net some affiliate marketing dollars. Meanwhile, the malware infects the victim’s phone, and sends out its own copies to all the contacts on the phone.
While this may seem like Android users will always been prone to malware, apps are regularly screened as they pass through the Google Play Store. Apps that are flagged as inappropriate and malicious are removed after review. Inherent risk is always involved when users side load applications they have installed on their own.
Measures to protect yourself against the malware
Luckily, there are steps you can take to prevent such malware from damaging your phone. The first thing you should do is restrict yourself from installing suspicious applications from outside Google Play, especially those claiming to offer discounts from Amazon. Secondly, if you get an SMS from a contact looking like the sample message mentioned above, do not open the link inside it.
If you’re the owner of a device that has been infected already, you can download a mobile security solution to detect the malware, or choosing to wipe your Android phone’s memory completely (after you backup the important content) should completely eliminate the malware.
The Gazon malware attack has spread far and reached many countries including Canada, the UK, India, Korea, Mexico, France, Australia and the Philippines, after surfacing in the US last month. Further details of the attack, including the appearance of the dodgy messages, are available on the blog of the reporting source.