Fake Android Security App is Mobile Zeus Malware in Disguise

QUOTE: A new variant of the Zeus banking malware is masquerading as a security app in order to lure users trying to protect their Android devices from…malware.  The fake security app, called the Android Security Suite Premium, is actually the latest Zeus malware, Denis Maslennikov, a Kaspersky Lab researcher, wrote on SecureList on Monday. Once Android Security Suite Premium is installed on the mobile device, it displays a blue shield icon on the menu and a fake “activation code” when executed, according to the blog post. The app first appeared in early June, and there are at least six different versions.

The malicious app can intercept incoming text messages and forward them to remote command-and-control servers. Depending on the user, the messages could include sensitive data, such as password reset links or even one-time passwords. Any of the six C&C servers could send instructions to the app to uninstall  itself, collect and transmit system information, and installing other malicious applications.