Zscaler security reseachers come across hundreds of links targeting Opera Mobile users to trick them into installing a malware on their device. The link redirect to another Russian domain, where users are warned that browser is out of date.
"WARNING! An update your browser!
Your browser version is outdated, your phone is at risk of infection by dangerous virus!
We strongly recommend that you upgrade your browser. To update, click Update." The phone message reads(translated).
To trick users, they page uses Google Chrome favicon and same themes and icons as Opera Mobile. The source code has multiple references to Opera (CSS, links, etc.) and targets WAP-enabled devices.
Users who click on the refresh button are presented with a jar file "browser_update.jar", which is downloaded and installed. This type of malware is very common on mobile devices. They are used for spam or contact surcharged phone numbers.
"WARNING! An update your browser!
Your browser version is outdated, your phone is at risk of infection by dangerous virus!
We strongly recommend that you upgrade your browser. To update, click Update." The phone message reads(translated).
To trick users, they page uses Google Chrome favicon and same themes and icons as Opera Mobile. The source code has multiple references to Opera (CSS, links, etc.) and targets WAP-enabled devices.
Users who click on the refresh button are presented with a jar file "browser_update.jar", which is downloaded and installed. This type of malware is very common on mobile devices. They are used for spam or contact surcharged phone numbers.
