Cyber criminals use many different methods for their promoted malware to be distributed. One of such ways is utilizing legitimate websites. These are attacked and compromised. An unsuspecting visitor that used to browse Internet pages every day and never had any trouble suddenly gets infected out of nowhere. Just recently a popular Bulgarian website for branded watches became a source of premium rate SMS Android malware. The same gang uses many more websites for injecting malicious code into victims’ technique.
The examples of the campaigns might be tricking Russian-speaking users into installing a fake version of Adobe’s Flash Player. Another campaign organized by the same gang was a fake Android browser promoted using a social engineering theme. The most recent one is trying to to trick mobile users into thinking that it’s a new version of Google Play.
More information and a technical data of these campaigns might be found here: blog.webroot.com.