Android users have been warned to be extra careful when accepting Facebook friend requests, as some of them have been rigged to infect smartphones with a nasty piece of money-hungry malware.
The threat, detected by Vanja Svajcer from the security vendor Sophos, appears to be a typical friend request, but, as Svajcer showed in a video, an innocuous-looking link on the supposed "friend's" page sets the scam in motion.
The link, Svajcer explained, automatically redirected his Android smartphone's browser to several different Web pages "without any warning or request for authorization."
In the process, the corrupted Web pages attempted to drop a malware package onto his device. Svajcer examined the malware, called "any_name.apk," and found that inside it was an encrypted file containing the dialing codes for all Android-supported countries, as well a premium-rate phone number and a prewritten text message.
The design of the Android malware allows it to send expensive text messages from infected phones without the victim's knowledge. Only when the victim receives the monthly bill does he find out he's been fleeced.
To avoid this and any other variants of the Android malware, it's crucial you install mobile anti-virus software, a list of which can be found here. Also, be very skeptical of any unsolicited apps or software packages that show up on your smartphone, and regularly check your data plan and bill to see if someone's been toying with your device behind your back.