Appolicious powers Verizon Educational Tools

Fake Netflix Android app raises questions about malware monetization

by Kristen Nicole

Security seems a poignant topic for Android this week, with a fake Netflix app sneaking malware onto devices, and a slew of releases around mobile enterprise security in particular. The rise of malware on the Android platform has spurred a great deal of development in the security sector.

Awareness has been growing around the phony Netflix Android app because of its effectiveness in tricking users. The Trojan looks very much like the real Netflix app, but steals account information instead. As it can’t readily glean users’ credit card information through the Trojan, it’s unclear how the malware makers plan on making money off this particular scam, but the timing of its release, which nicely coincides with Netflix’s expansion across more Android phones and major service changes, indicates a certain amount of planning behind the fake Netflix app.

Monetizing Android malware

Dangerous mobile apps are getting more savvy, especially with the proliferation of Android’s widespread, open platform. Symantec, the company behind Norton security services, released a report this week outlining some of the monetization motivations and schemes currently plaguing Android, listing premium-rate number billing as one of the most lucrative attacks. Spyware, adware and mTan stealing are other methods attackers use to aquire pertinent information like credit card details that can be sold or used for their own purposes. Future expectations in the mobile market, like NFC payment technology, will only provide more fodder for mobile criminal behavior.

The enterprise takes Android security into its own hands

Most security offerings provide scanners to detect malware on Android apps and files, giving mobile users some preventative measures against threats. And as more individuals incorporate their Android devices into their office lives, businesses are looking for additional ways to protect employer-provisioned devices and office networks from things like fake Netflix apps. This week brought solutions from 3LM and Toggle, both designed for the workplace. McAfee and BizzTrust also introduced enterprise-ready solutions to secure employee devices, the latter working in a similar manner to Toggle, providing multiple “profiles” for work and play.