Android Suffers ‘Gazon’ Malware Outbreak

Android users are being warned about a huge messaging-based mobile malware campaign.

The warning comes from network protection specialist AdaptiveMobile, which uncovered the campaign and dubbed it “Gazon”.

Infected SMS

The malware spreads by SMS messages, which promises the user a free Amazon gift card.

The malware sends SMS messages to all the contacts listed in the victims’ mobile phone book. The Gazon attack masquerades as an app that gives Amazon rewards and vouchers worth up to $200 (£131).

“A simple piece of malware is on the way to become one of the ‘spammiest’ mobile malware outbreaks seen yet,” warned AdaptiveMobile on a blog posting. “This malware we have dubbed Gazon spreads via SMS with a shortened link to itself in the spam message, redirecting a potential victim to a webpage that promises an Amazon gift card if you install an APK file hosted on the page

When the fake app is downloaded and opened, the victim is asked to participate in a survey in order to get Amazon vouchers. Victims either end up clicking on a scam page or being asked to download a game in the Google Play.

“While you are busy clicking through pages the author just earns money through your clicks as we have seen in other pieces of mobile malware,” said the company. “However, in the background this malware harvests all your contacts and sends a spam message to each of them with the URL pointing to the body of the worm.”

And it seems that this outbreak could be potentially widespread for the Android community.

“Thousands of people have seemingly installed this malware and been a victim,” said AdaptiveMobile. “We are seeing over 4k infected devices in all of the major networks in North America, and we’ve blocked over 200k spam messages generated by these infected devices.”

And it said that the malware is now being seen in more than 30 countries around the world, after it spread from the US to the UK, Australia, Canada, France, India, Korea, Mexico and the Philippines. To make matters worse, currently no AV engine detect this malware, according to VirusTotal.

And AdaptiveMobile said that when it traced back the shortened URL further, it discovered the campaign is linked to a Facebook account, which has been previously linked to a now-defunct WhatsApp spam campaign.

Android Malware

The malware threat for Android users is very real and an ongoing problem.

Avast has warned that 5 percent of Android users (approximately 50 million people) have been infected by malware.

Last year, FireEye warned about a piece of Android malware that was disguised as the Google Play app, but used a smart download technique to hide its activities. The malware’s true purpose was to steal banking logins, hoover up text messages and intercept software certificates designed to prove the validity of communications.

Do you know your famous hackers? Take our quiz!