In an effort to educate and safeguard the nation’s public from cyber attacks, the FBI‘s Internet Crime Complaint Center (iC3) has recently issued a warning about Android malware, citing two new malicious applications and its impact to the unsuspecting user. The two malicious applications in question are Loozfon and FinFinisher.
According to the FBI’s iC3 page:
Loozfon is an information-stealing piece of malware. Criminals use different variants to lure the victims. One version is a work-at-home opportunity that promises a profitable payday just for sending out e-mail. A link within these advertisements leads to a website that is designed to push Loozfon on the user’s device. The malicious application steals contact details from the user’s address book and the infected device’s phone number.
FinFisher is a spyware capable of taking over the components of a mobile device. When installed the mobile device can be remotely controlled and monitored no matter where the Target is located. FinFisher can be easily transmitted to a Smartphone when the user visits a specific web link or opens a text message masquerading as a system update.
Loozfon and FinFisher are just two examples of malware used by criminals to lure users into compromising their devices.
As Android Central has pointed out, in response to the FBI’s Internet Crime Complaint Center statement, the FBI may be missing a key component here in the whole malware infection process. It is true a user could download a malicious app that could cause significant damage, however, in order for that app to do so the user must first install it. That ultimately means that users can fall for a phishing scheme and click on disguised links yet avoid the malicious software’s effects by never installing the app. Please keep in mind, although advanced users can easily identify or avoid these issues altogether, the majority of the public may not be so tech savvy. This ultimately is why the FBI takes these precautions.
The FBI also provides a lengthy list of precautions to safeguard your phone, utilizing common techniques such as not clicking unknown links and password protecting.
Check out the official statement by the FBI below.