Russian websites pushing Olympics malware for Android

Photo credit: pcruciatti/Shutterstock.com
Photo credit: pcruciatti/Shutterstock.com

While the Olympics organizers have already made their own gaffes – such as showing photographs of the North Korean women’s football team next to a South Korean flag, and describing Welsh international footballer Joe Allen as ‘English’ – GFI Software is warning Android users not to make the similar gaffe of downloading from certain Russian websites. “One of our researchers in the AV Labs spotted a couple of Russian websites, which claim to be legitimate app markets, housing malicious files purporting to be the official London 2012 mobile game,” says GFI.

There is an official Android game available. “The Official London 2012 mobile game features nine Olympic games, including Archery, Double Trap Shooting, 110m Hurdles and Swimming, in authentic London 2012 venues. Easy to play but difficult to master!” says the official London 2012 website. But the unofficial Russian websites, which incidentally mimic the look and feel of the official Google Play market, are offering malware that GFI recognizes as Trojan.AndroidOS.Generic.A. “They exhibit behaviors typically found in the Boxer malware family. In addition, both files made no attempts to download the legitimate game app.”

GFI names the two sites as igry-for-android(dot)ru offering igra_Android_London2012_Official-installator.apk, and samsungs5570(dot)ru offering london2012_official_game_v1_4_install.apk, but warns that “file names may change in the future.” 

What’s Hot on Infosecurity Magazine?