The company reported that FakeAV scam, commonly found on PCs had made its way over to Android OS. The scam involves using malware which intentionally misrepresents the security status of a computer and attempts to convince the user to purchase a full version of the software , according to the report.
“The scam has evolved over time and we are now seeing FakeAV threats making their way onto Android devices,” Joji Hamada reports. “One interesting variant we have come across, detected by Symantec as Android.Fakedefender, locks up the device just like Ransomware. Ransomware is another well-known type of malware that takes a computer hostage, by denying the user access to their files for example, until a payment/ransom is handed over.”
Figure 1. Screenshot of FakeAV Android app
According to the report:
Once the malicious app has been installed, user experience varies as the app has compatibility issues with various devices. However, many users will not have the capability to uninstall the malicious app as the malware will attempt to prevent other apps from being launched. The threat will also change the settings of the operating system. In some cases users may not even be able to perform a factory data reset on the device and will be forced to do a hard reset which involves performing specific key combinations and/or connecting the device to a computer in order to perform a reset using software provided by the manufacturer. If they are lucky, some users may be able to perform a simple uninstall due to the fact that the app may crash when executed because of compatibility issues.
Symantec detects this malware as Android.Fakedefender.