'Android.Fakeyouwon' Malware

Posted: July 26, 2019

The 'Android.Fakeyouwon' Malware is a Trojan that disguises itself as a fork of the Telegram messaging application. Although it provides genuine messaging capabilities, it also abuses the device to create fraudulent ad traffic or redirect users to harmful websites. Android users should uninstall the 'Android.Fakeyouwon' Malware with a trusted anti-malware service and clear their browser's cache immediately.

'You've Won' a Compromised Browser

A series of attacks combines the popularity of Telegram with its legally forbidden status in countries like Iran into a potent infection strategy. This social engineering tactic uses a maliciously modified version of Telegram, MobonoGram 2019, and is successfully infecting the devices of over ten thousand Android users. The result, the 'Android.Fakeyouwon' Malware, is a working instant messenger, but its legitimate functions are just a cover for other, illegal ones.

The 'Android.Fakeyouwon' Malware is another example of Google's Play Store experiencing a security breach, although MobonoGram 2019's page is down as of mid-July. Since its code is partly from Telegram, MobonoGram 2019 offers the expected features of that application and caters to both English-speaking and Farsi (AKA Iranian) users. However, the software also has a 'dark side' and uses multiple AddService exploits to keep itself persistent.

The 'Android.Fakeyouwon' Malware's payload is financially motivated and includes fake ad-clicking functionality, which simulates Web traffic for pay-per-click content. The application also has a browser-hijacking attack that can reroute users to unwanted and unsafe websites. This second feature includes geographical filtering that sorts traffic to different sites, such as a fake gaming domain for a user in the Philippines or a pornography site for a user in Iran.

Preventing the Simplest of Fakeouts

The appeal of an 'alternative' version of forbidden software to dissidents against a local regime is understandable, but searching for unauthorized and unofficial variants of software comes with risks. The 'Android.Fakeyouwon' Malware's campaign demonstrates this fact well. The threat actor is already re-branding the same strategy with another Telegram variant, Whatsgram.

Android users should avoid downloading software from third parties that may be compromised or harmful. This caution applies especially to any sources related to 'Ramkal Developers', the company that's responsible for the 'Android.Fakeyouwon' Malware. Automatic loading of unwanted sites is one of the 'Android.Fakeyouwon' Malware's most visible symptoms. However, it can also cause excessive battery usage and performance issues related to its ad-clicking fraud.

Users are no longer in danger of downloading the MobonoGram 2019 variant of this Trojan, assuming that they avoid non-Google-endorsed application stores. Those who still need to uninstall the 'Android.Fakeyouwon' Malware, under any brand name, should use Android-compatible anti-malware solutions.

Advertising is big business for crooks, as well as anyone else. The 'Android.Fakeyouwon' Malware campaign shows the increasingly savvy marketing that goes into forcing users to encounter these advertisements. One's selection of software is crucial, especially for those who are thinking of using messengers that their governments wouldn't consider kosher.