Skip navigation
Skip navigation
You are using an outdated browser. Please upgrade your browser.

The past month’s examples show that the world of smartphone applications has firmly become a battleground for scammers and malware writers

GFI Labs Research Reveals Major Banking Organisations, London 2012 Olympics and High-Profile Android Applications Being Targeted by Cybercriminals

London, UK – 11 September 2012 – GFI Software™ today released its VIPRE® Report for August 2012, a collection of the 10 most prevalent threat detections encountered last month. In August, GFI threat researchers identified a number of high-profile fake mobile application scams, along with a spike in email scams targeting UK banking and government organisations.

Cybercriminals were found to be operating several websites, masquerading as parts of the UK’s Directgov government information web site, in particular purporting to offer information and access to housing and other social services benefits. The sites were in fact harvesting sensitive personal and financial information from people looking to apply for government benefits. Leading building society Nationwide was also in the crosshairs, with researchers spotting a new strain of phishing mails purporting to be from the UK’s biggest mutual lender. The emails featured the return of the often-used “verify your online banking profile”, along with a second strain containing the false claim that a data inconsistency had been detected. In both cases, the subsequent links through to convincing copies of the Nationwide online banking site were intended to capture login details for Nationwide customer accounts.

Scammers continued to prey on users looking to download the official London 2012 Olympics game for the duration of the event, while mobile users also drew the attention of cybercriminals with the OpFake Trojan being distributed under the guise of the now defunct Adobe® Mobile Flash® Player. In addition, some versions of the fake application were bundled with adware which rooted the device and downloaded a fake version of the real Flash Player application. The adware software then performed a number of malicious tasks including the theft of the user’s phonebook contacts for advertising purposes and the deployment of pop-ups on the user’s screen.

Other Android users encountered a number of fake mobile antivirus applications masquerading as mobile applications provided by legitimate antivirus companies. The fake applications contained a Boxer malware application which sends SMS messages to a premium number before redirecting the user to another site.

“The past month’s examples show that the world of smartphone applications has firmly become a battleground for scammers and malware writers, keen to take advantage of unsuspecting users,” said Christopher Boyd, senior threat researcher at GFI Software. “Avoiding mobile malware often requires the same preventative tactics associated with traditional malware such as verifying the legitimacy of any unsolicited emails or hyperlinks before installing an unknown application or submitting personal information. However, as we saw this month, the increased activity aimed at mobile devices doesn’t mean traditional attacks, such as desktop malware and email scams, have become any less of a threat.”

GFI Labs also conducted an investigation in August into the mobile applications released by both the Barack Obama and Mitt Romney US presidential campaigns in order to understand if user privacy was being compromised. The Obama and Romney smartphone applications were found to have a number of significant privacy issues that went unnoticed by users who did not read the terms of service agreements before using either application. In order to use the Romney campaign’s app, users had to sign in through their Facebook account or to provide personally identifiable information such as their name, email and home address. Users who opted to sign in through Facebook gave the app permission to post on their profile page on their behalf and to collect even more data from their Facebook friends. The application was also found to collect other information such as the device ID, carrier and phone number as well as GPS and cell tower locations.

Secure Smartphones and Tablets

GFI Software recently released GFI VIPRE® Mobile Security Premium, one of the most comprehensive mobile protection applications for Android phones and tablets. The app combines GFI Software’s award-winning VIPRE antivirus technology with lost device features, parental controls and automatic backup capabilities. This powerful combination enables consumers to use their devices freely without having to worry about mobile viruses, identity theft, data loss or unsupervised activity. To learn more about GFI VIPRE Mobile Security Premium, visit

Top 10 Threat Detections for August

GFI’s top 10 threat detection list is compiled from collected scan data of tens of thousands of GFI VIPRE Antivirus customers who are part of GFI’s ThreatNet™ automated threat tracking system. ThreatNet statistics revealed that Trojans and adware dominated the list with each taking four of the top 10 spots.

Detection ............................................ Type ................................... Percent
Trojan.Win32.Generic------------------ Trojan -------------------------- 34.0
Trojan.Win32.Sirefef-------------------- Trojan -------------------------- 10.04
Yontoo (v)----------------------------------- Adware (General)------------- 2.13
GamePlayLabs -------------------------- Adware (General) ------------ 4.16
GameVance ------------------------------ Adware (General) ------------ 1.20
Wajam ------------------------------------- Adware (General) ------------ 1.55
Trojan.Win32.Ramnit.c (v)------------- Trojan --------------------------- 0.89
Worm.Win32.Downad.Gen (v) -------- Worm.W32 -------------------- 0.89
INF.Autorun (v) ---------------------------- Trojan --------------------------- 0.79 (v) ---------------- Virus.W32 ----------------------- 0.66

About GFI Labs

GFI Labs specialises in the discovery and analysis of dangerous vulnerabilities and malware. The team of dedicated security specialists actively researches new malware outbreaks, creating new threat definitions on a constant basis for the VIPRE home and business antivirus products.

About GFI

GFI Software provides web and mail security, archiving and fax, networking and security software and hosted IT solutions for small to medium-sized businesses (SMB) via an extensive global partner community. GFI products are available either as on-premise solutions, in the cloud or as a hybrid of both delivery models. With award-winning technology, a competitive pricing strategy, and a strong focus on the unique requirements of SMBs, GFI satisfies the IT needs of organisations on a global scale. The company has offices in the United States, United Kingdom, Austria, Australia, Malta, Hong Kong, Philippines and Romania, which together support hundreds of thousands of installations worldwide. GFI is a channel-focused company with thousands of partners throughout the world and is also a Microsoft Gold ISV Partner.

For more information:

GFI Software
Please email David Kelleher at
GFI - Malta: Tel: +356 2205 2000; Fax: +356 21382419.

Davies Murphy Group
Please email Chris Green at
Tel: +44 1256 807360

Copyright © 2012 GFI Software. All rights reserved. All other trademarks are the property of their respective owners. To the best of our knowledge, all details were correct at the time of publishing; this information is subject to change without notice.

This press release was distributed by ResponseSource Press Release Wire on behalf of GFI Software in the following categories: Consumer Technology, Business & Finance, Computing & Telecoms, for more information visit