Security researchers have warned that the Android advertising SDK from InMobi is being used by cyber criminals to distribute a piece of scareware.
Bitdefender experts have uncovered several legitimate applications that include the advertising SDK in question, including an older version of the Brightest Flashlight Free app hosted on Google Play.
The attack starts with a pop-up ad delivered by the SDK. The pop-up informs users that their devices are infected with malware, and urges them to purchase a so-called disinfection tool.
Users who accept to purchase the disinfection tool are presented with a screen where they are instructed to enter their mobile phone number. By doing so victims are unknowingly signing up for a premium-rate mobile service that charges them a certain amount of money for receiving ringtones and wallpapers.
The scam is designed to target users from several countries. Depending on the victim