Post-PC Attack Site: Only Interested in Smartphones/Tablets

We’ve discovered a server that only attacks and/or spams smartphones and tablets — and not PCs.

A Swedish-based colleague of ours, Johan, was recently using his (Android) phone to search for boat trips in the Galapagos Islands. He found a site called Vagabond. And on Vagabond he found an entry with a link to: galacruises.com.

From a Windows-based browser, the link redirects to a site called islasgalapagos.travel.

But the results are much different if a mobile device is used…

Mobile browsers are redirected to a .info domain which in turn redirects yet again.

Sometimes it redirects to a popular game on Google Play:

But much of the time, it’s NSFW sites (here seen from a Windows Phone):

And sometimes… malware! (As was the case for Johan.)

Here you can see that the malicious .APK file was blocked by one of our “online” detections.

Specific “disk” detection identifies the threat as a variant of FakeInstaller: Trojan:Android/FakeInst.AV.

Our Mobile Security Safe Browser blocks the offending website:

Note: visiting the .info site without the attack’s parameter will result in a redirection to google.com.

A site with an index page that redirects to google.com? Always a clue something’s afoot.

Be Safe Out There.

On 19/06/13 At 12:50 PM

Story added 19. June 2013, content source with full text you can find at link above.

Post-PC Attack Site: Only Interested in Smartphones/Tablets

More antivirus and malware news?

Ads

Security news

Malware

Security

IT security

About site

Search Terms Tips

Recent New Tips

Recent Posts