contadores de paginas web Saltar al contenido

Android Defender, a fake antivirus with ransomware behaviors

android defender falso antivirus

Ransomware is a type of malware that is characterized by blocking computers and requesting a payment to unlock them, one of the best known is the police virus that you surely once heard of.

On the other hand, fake antivirus programs pretend to be legitimate programs and detect threats on the computer so that users end up buying a license. On the blog there is a whole section dedicated to them.

Both types of malware are well known in the world of PCs and in recent years have generated millions in profits for cybercriminals. Most of the victims end up infecting their computers without knowing it and then when they pay they do it because they do not know the methodology of these deceits and in the case of some ransomware they have no other option.

But times change and now it seems that attackers are targeting the world of mobile devices which grows by leaps and bounds.

Android Defender is a Trojan detected by Symantec in early June that pretends to be an antivirus for Android, once the malicious application is installed it displays false alerts simulating to detect threats so that users buy a license that is around 100 dollars.

If they decide not to pay and remain unprotected, the application will continue showing the alerts over and over again, preventing the normal use of the device to the point of blocking it. Even when restarting it, they even show adult photos in an attempt to convince victims that there are problems and Android Defender is the solution.

For compatibility reasons, the Trojan does not behave in the same way in all versions of Android, in some it cannot be fully activated and can be uninstalled as a normal application, but in others it is necessary to resort to other methods. In this sense, Symantec does not provide too many details, but on its blog you can find more information and a 3-minute video that shows how it works.

How to avoid these threats?

In one of the last blog articles I mentioned several safety tips to keep in mind, it never hurts to remember some.

Android Defender is a simple application (.apk) and therefore it can be found under any file name such as SkypeFreeCalls-update.apk, AngryBirds-Full.apk or whatever cybercriminals come up with, as they will look for the way to attract attention so that the application is downloaded.

For this reason, you should avoid downloading applications from secondary markets or sites other than Google Play, the official Android market. But even on Google Play you have to take some precautions since fake applications can also sneak in.

Using a real antivirus can also be of great help, at least to scan applications and block them before they cause problems. Here you can find a list of free antivirus for Android offered by the main security companies.