[PSA] Lookout Identifies New Android Trojan, GGTracker – Mimics Android Market

Lookout, the #1 security app for Android, has identified a new Trojan, this time affecting Android users in the U.S. This new threat called “GGTracker” misleads users via in-app advertisements that prompt users to download seemingly legitimate applications from a fake (but convincing) Android Market.

Once downloaded, the GGTracker Trojan will register users for premium SMS subscription services without the users permission. It accomplishes this by contacting another server which will then answer security questions and input security PIN numbers to authenticate subscriptions. These unauthorized subscriptions can then result in charges of up to $9.99.

While most Android users are keen to what they browse and download, there are many not-so-tech-savvy parents, etc.. who may be easy victims. Here are a few tips to follow to ensure you or someone you know doesn’t become a victim of malware:

  • Most malware comes from untrusted 3rd party app stores. Avoid this by using only trusted sources and always check out the developer, app ratings, and comments.
  • Install a mobile security app such as Lookout which will detect and block such malware attempts.
  • Pay close attention to where you navigate and what you click on. If you notice things that seem “out of the norm” then they probably are.
  • Make sure you are being directed to your intended targets. The mobile version of the Android Market will not open in your devices browser, so be aware.

These malicious apps have yet to be found on the Android Market which is a good sign but be on the lookout for advertisements or urls pointing towards apps such as a fake battery optimizer packaged as “t4t.pwower.management,” and a porn app packaged as “com.space.sexypic”. As always, be sensible and cautious of how you use your Android devices. More information can be found at the official Lookout blog.