The Latest in IT Security

Post-PC Attack Site: Only Interested in Smartphones/Tablets


We’ve discovered a server that only attacks and/or spams smartphones and tablets — and not PCs.

A Swedish-based colleague of ours, Johan, was recently using his (Android) phone to search for boat trips in the Galapagos Islands. He found a site called Vagabond. And on Vagabond he found an entry with a link to:

From a Windows-based browser, the link redirects to a site called

But the results are much different if a mobile device is used…

Mobile browsers are redirected to a .info domain which in turn redirects yet again.

Sometimes it redirects to a popular game on Google Play:

But much of the time, it’s NSFW sites (here seen from a Windows Phone):

And sometimes… malware! (As was the case for Johan.)

Here you can see that the malicious .APK file was blocked by one of our “online” detections.

Specific “disk” detection identifies the threat as a variant of FakeInstaller: Trojan:Android/FakeInst.AV.

Our Mobile Security Safe Browser blocks the offending website:

Note: visiting the .info site without the attack’s parameter will result in a redirection to

A site with an index page that redirects to Always a clue something’s afoot.

Be Safe Out There.

Leave a reply



Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...



Latest Comments