GG Tracker is a new Trojan which has recently been discovered by the lovely people over at Lookout. If users are infected by the Trojan, they are directed to an imitation of the Android Market on their mobile, to download a free app. Once it is downloaded it unknowingly goes to work by signing you up for a ton of premium SMS services, and it’s all downhill from there. Lookout has done a very extensive write up on what it is, how it works, and how to avoid it. Tim Wyatt of Lookout writes:
Lookout has identified a new Android Trojan, GGTracker, which is automatically downloaded to a user’s phone after visiting a malicious webpage that imitates the Android Market. The Trojan is able to sign-up a victim to a number of premium SMS subscription services without the user’s consent. This can lead to unapproved charges to a victim’s phone bill.
Have you all been browsing bad websites? Let me just say that this issue could seriously be alleviated if we all just took two seconds and make sure that what we’re browsing is such a good idea. If you’re on the Android market’s website, you better see “Android Market” somewhere in the URL.
Above is an example URL taken from the Lookout blog, where the mobile site imitates the Android Market. The first step in making yourself safer against these things, is honestly being aware of their existence. If you’re proactively making sure you’re visiting safe sites, then this issue hopefully will never affect you. Lookout has their own thoughts on how this is happening to victims;
We believe Android users are shown an advertisement that directs them to a malicious website that resembles the Android Market installation screen.
The website entices a user to click-through to download and install an application (in one case, a fake battery optimizer packaged as t4t.pwower.management, and in another a porn app packaged as com.space.sexypic). If the user clicks the install button, the malicious app will begin to download and dialogue appears to direct the user to install via the download notification.
Once activated, GGTracker registers the victim for premium subscription services that would normally require the user to reply or enter a pin on a webpage. Charges may be up to $9.99.
They list a few ways to protect yourself, one of course is Safe Browsing which is included in Lookout’s app for Premium Users. Others include making sure you’re visiting safe sites, and double checking the URLs you are browsing. We have done readers polls before asking if you were all worried about these things, and from the look of it, this is something a few of you are concerned about. So are you going to be more careful? We all have a choice when it comes to these things, so don’t be afraid to do the research and see if downloading a mobile security app is right for you.
Via: Lookout Blog