Google responds to RuFraud Android mobile attack: 22 apps removed

Google has responded to an emerging attack called RuFraud by removing 22 apps from the Android Marketplace.

The RuFraud Malware was alerted to Google by security firm Lookout Mobile, who noticed a hat full of apps residing in its app store which on downloading would charge the user's phones to send and receive text messages.

Apparently the apps were offering things like wallpaper art and horoscopes to entice phone users into downloading; on download a large "Next" button would be presented to them, whereby pressing the button the user would be agreeing to the rather dodgy terms of service policy.

After the initial wave of apps had been removed, more popped up offering free top-title games such as "Angry Birds free" in the hope of enticing more people to download. However as the initial wave of horoscope apps and wallpaper art were found to be half-baked and only performed basic tasks we presume that this new wave of RuFraud apps will be the same.

Currently the threat is targeting many European countries including Russia, Azerbaijan, Armenia, Georgia, Czech Republic, Poland, Kazakhstan, Belarus, Latvia, Kyrgyzstan, Tajikistan, Ukraine, Estonia, Great Britain, Italy, Israel, France and Germany. Those in the US are not affected as Stateside SIMs block the code that the apps are using to access the phone.

In an interview with VentureBeat, Lookout Mobile’s senior security product manager Derek Halliday stated: "We’ve seen this family of premium estimates fraud apps over the last couple of weeks, in a few different waves. A few versions will be published every few days or so, I can’t tell the future, but we’re going to be paying really close attention to it as it develops."

So rule of thumb, make sure you're careful with your downloads from the Android Market and if you see a non-Rovio Angry Birds for free, it is probably best to leave it alone.