After thorough research performed by our mobile threat prevention (MTP) partner, Check Point, a new and alarming type of malware campaign has been identified. Known as Gooligan, this malware is used to generate ad revenue on the Android platform. Check Point noted that as of the end of November, Gooligan had breached the security of more than one million Google accounts, with an additional 13,000 devices being impacted each day.
Brad Reed, From Yahoo Tech
UPDATE: Google has seemingly picked up on Virus Shield’s fraudulent claims and has removed it from the Play store. If you’ve already purchased this app, the best advice we can give is to uninstall it now. We have reached out to Google for comment but have no information yet on whether refunds will be issued to the many people who purchased the app.
Watch out for this fake “virus scanning” app in the Google Play store. It’s called Virus Shield, and according to Android news site Android Police, it’ll cost you four bucks but won’t perform any real virus scanning at all.
As BGR has noted before, there are definite downsides to Google’s policy of allowing all apps onto the Google Play store and removing them only after users flag them as malicious. The flaws in this approach were once again on display this past weekend when Android Police revealed that Android security app Virus Shield, which had just hit the No. 1 spot on Google’s new paid apps chart, was a complete scam.
Why is Virus Shield a scam, you ask? Mostly because the app costs $3.99 and literally doesn’t do anything at all to protect your phone from viruses. According to Android Police, the app supposedly tells you whether your phone is secure by having a shield icon that contains either an “X” to signify that the device has been infected or a checkmark to signify that the device is safe. When you first install the app, it has an “X” on the icon, but it quickly changes to a checkmark once you tap it and tells you that everything is safe in your phone.
However, this is all the app really does — it gives you a false sense of security by showing you a checkmark and doesn’t contain any code for detecting or eliminating malware on your Android phone.
Amazingly, the app was downloaded more than 10,000 times and received an average rating of 4.7 stars on Google Play despite the fact that it swindled thousands of people out of their money. Google has since removed the app, although there’s no word yet on whether the company will be able to refund the money that they gave to Virus Shield.
Android Police, which has generally been supportive of the open nature of Google Play, writes that “it’s somewhat disheartening that an app so obviously fake could rise to the top, especially considering that it’s paid, and possibly hundreds or thousands of people have been defrauded already.” The publication also writes that it doesn’t have any solutions to this problem but it says that Google does need to do something to make sure this kind of blatantly fraudulent app doesn’t ever again rise to the top of its paid apps download chart.