We all like things that are free—free samples, free trials, free gifts with purchase.  But what if someone offered you free software?  Would you take it?  According to a recent study by Symantec, you should probably think twice before downloading.

A malware developer has been luring consumers to his or her web of Russian distribution sites with the promise of free versions of popular Android software.  Victims are encouraged to click on a button or link but instead of a legitimate application, they download a Trojan that sends repeated SMS messages from their smartphone to premium-rate numbers.

The malicious app, named Android.Opfake, has been successful in avoiding detection from antivirus software because it changes every time a user downloads the program.  Signature-based detection is a typical strategy for security software and relies on the identification of known data patterns in order to recognize malware.  But if the data patterns change with each download, signature-based detection becomes useless.  To add to the mire, it appears the developer is manually manipulating data patterns every few days to make detection even more difficult.

So what’s a consumer to do?  Well, for one, use your head.  If something seems like it’s too good to be true, it probably is.  Only download your applications from trusted sites and beware of the permissions you allow.  You should also download security software.  Symantec’s Norton Mobile Security products protect customers against automatically generated variants (meaning it won’t allow your phone to do something without your consent), and it blocks access to websites hosting the malicious versions of software.

All of the malicious distribution centers found to-date have been Russian, but SMS messages have been sent to premium rate numbers in countries across the world including:

Armenia
Australia
Austria
Azerbaijan
Belarus
Belgium
Bulgaria
Czech Republic
Denmark
Estonia

France
Georgia
Germany
Ireland
Israel
Kazakhstan
Kyrgyzstan
Latvia
Lithuania
Netherlands

Norway
Poland
Portugal
Russia
Spain
Sweden
Taiwan
United Kingdom
Ukraine

So be sure to think twice about that good deal…