Tech Made Simple

Hot Topics: How to Fix Bluetooth Pairing Problems | Complete Guide to Facebook Privacy | How to Block Spam Calls | Snapchat Symbol Meaning

We may earn commissions when you buy from links on our site. Why you can trust us.

author photo

Project "Dragon Lady" Uncovers Massive Android Malware Network

by Josh Kirschner on August 02, 2013

Security company Lookout announced they have uncovered a massive Android SMS fraud network accounting for 60% of the Russian malware they have observed in the wild. The investigation, dubbed "Dragon Lady", found 10 malware “Headquarter” organizations that operate as sophisticated affiliate networks for manufacturing, distributing and marketing premium SMS malware.

According to Lookout,  there are thousands of individual distributors and potentially tens of thousands of affiliate websites promoting the malware. And marketers associated with the network can earn as much as $12,000 a month from these scams—quite a sum in Russia, where the average monthly salary is around $800. The affiliate networks even have gamification features, with leaderboards and badges for those bringing in the most money, and their own newsletter and blogs.

Russian spyware affiliate

To pull in victims, the main channel is Twitter where they promote links to popular applications such as Skype or to free porn, videos, pictures and MP3s. Lookout identified more than 50,000 unique Twitter handles involved in the malware scams.

SMS malware tweets

Fortunately, for those of us in the US, this specific threat is purely a Russian and Eastern European problem. The landing pages used by the malware affiliates are built to filter out any visitors from outside their targeted countries. And the SMS toll codes only work with Russian carriers.

But the lessons for smartphone users are the same no matter where you live. Most importantly, only download apps from places you know and trust (e.g., the Apple iTunes, Google Play or the Amazon App Store). If something appears too good to be true—get Netflix without monthly fees!—it probably is. And while anti-malware apps showed mixed results in our recent spyware test, using one of the better ones (go for one of the free versions that performed well in our test) is a wise safety measure.

Russian SMS malware lifecycle from Dragon Lady


Topics

Phones and Mobile, News, Mobile Apps, Android Apps, Blog, Privacy


Discussion loading

Home | About | Meet the Team | Contact Us
Media Kit | Newsletter Sponsorships | Licensing & Permissions
Accessibility Statement
Terms of Use | Privacy & Cookie Policy

Techlicious participates in affiliate programs, including the Amazon Services LLC Associates Program, which provide a small commission from some, but not all, of the "click-thru to buy" links contained in our articles. These click-thru links are determined after the article has been written, based on price and product availability — the commissions do not impact our choice of recommended product, nor the price you pay. When you use these links, you help support our ongoing editorial mission to provide you with the best product recommendations.

© Techlicious LLC.