Blog

Rahul Thadani
Fake Quick Heal Mobile Security application found on Russian website
August 24, 2012

In the past we have highlighted numerous fake antivirus applications that are available through unsolicited third-party sources. Installing such apps can turn out to be highly risky and should be actively avoided by Android users. ‘Sideloading’ is the process of installing Android apps from third-party sources other than the Google Play (Android Market) store. You can learn how to disallow sideloading in your Android device in this post.

We would now like to bring to your notice the following website – “hxxp://android-antivir.com”. This is a Russian website that claims to offer several Android antivirus programs. Unfortunately, Quick Heal Mobile Security is also a part of their list.

Fake QH mobile security

If one clicks on the Quick Heal Mobile Security link a new page is opened where the option to download the program is provided. This program is a malware APK in disguise. Once installed, the malware sends several text messages to premium-rate numbers which incur very heavy charges.

QH mobile security

This fake application is detected by Quick Heal as Android.BoxerSms.D. However, a user who already has Quick Heal Mobile Security installed would not visit this page in all likelihood.

So it is essential to spread awareness about such applications as there are many people who fall for these tricks. Installing security on Android devices is necessary and it is even more imperative that this security be acquired from genuine sources. This includes Google Play or the official website of the developer of the program or a certified vendor. Any other source that offers such products should be immediately discarded.

Have something to add to this story? Share it in the comments.

Rahul Thadani
About Rahul Thadani
Rahul is a web enthusiast and blogger, and has been writing about the computer security industry for the last three years. Following the latest technology trends,...
Articles by Rahul Thadani »

3 Comments

Your email address will not be published.

CAPTCHA Image

  1. Really very strange..
    It`s much better to install/download via Google play or first chcek the wesite certificate and then proceed correct?
    Is there any other way to chcek the genuinity of the Site if yes plz let me know?
    and thanks rahul for such a crucial update.

    Reply
  2. Durgesh KumarAugust 27, 2012 at 12:18 AM

    what’s there in sending text messages to premium numbers??
    i mean who is going to get benefited with the charges incurred??
    Right, the service provider…
    can’t the service provider be behind this??

    Another imp. thing is, the number (to which the text is sent) can be easily traced down, it easily gives way to find the people behind…
    Such cases may had been numerous till date…
    where’s cyber security and legal action??

    the more important thing is that such malwares expose user data…

    Reply
    • Hi Durgesh,
      It is not the service providers behind this but the people who buy the premium-rate numbers from the service providers. Some numbers can be traced down but most cannot due to masking and cloaking features.
      Thanks for your inputs.

      Reply