Post-PC Attack Site: Only Interested in Smartphones/Tablets

We’ve discovered a server that only attacks and/or spams smartphones and tablets — and not PCs.

A Swedish-based colleague of ours, Johan, was recently using his (Android) phone to search for boat trips in the Galapagos Islands. He found a site called Vagabond. And on Vagabond he found an entry with a link to:

From a Windows-based browser, the link redirects to a site called

But the results are much different if a mobile device is used…

Mobile browsers are redirected to a .info domain which in turn redirects yet again.

Sometimes it redirects to a popular game on Google Play:

But much of the time, it’s NSFW sites (here seen from a Windows Phone):

And sometimes… malware! (As was the case for Johan.)

Here you can see that the malicious .APK file was blocked by one of our “online” detections.

Specific “disk” detection identifies the threat as a variant of FakeInstaller: Trojan:Android/FakeInst.AV.

Our Mobile Security Safe Browser blocks the offending website:

Note: visiting the .info site without the attack’s parameter will result in a redirection to

A site with an index page that redirects to Always a clue something’s afoot.

Be Safe Out There.

On 19/06/13 At 12:50 PM

Read more: Post-PC Attack Site: Only Interested in Smartphones/Tablets

Story added 19. June 2013, content source with full text you can find at link above.