Android Malware Hits 5 Million

Tuesday, January 31, 2012 @ 04:01 PM gHale

Popularity means a stronger potential for attack, and as Android continues its steady rise, malware developers see it as an incredible growth opportunity: they fooled as many as 5 million users into downloading infected apps, Symantec officials said.

“Android.Counterclank” malware ended up packaged in 13 different apps from three different publishers, with titles ranging from “Sexy Girls Puzzle” to “Counter Strike Ground Force,” Symantec said. Quite a few of the infected apps were still available on the Android Market as of last Friday.

“They don’t appear to be real publishers,” said Kevin Haley, a director with Symantec’s security response team. “These aren’t rebundled apps, as we’ve seen so many times before.”

Android malware makers commonly repackage a legitimate app with attack code, then re-release it to the marketplace in the hope that users will confuse the fake with the real deal.

Symantec estimated the impact by combining the download totals — which the Android Market shows as ranges — of the 13 apps, arriving at a figure between 1 million on the low end and 5 million on the high. “Yes, this is the largest malware [outbreak] on the Android Market,” Haley said.

Android.Counterclank is a Trojan horse that, when installed on an Android smartphone, collects a wide range of information, including copies of the bookmarks and the handset maker. It also modifies the browser’s home page.

Smartphones are seeing increased use throughout the industry today, and a new study shows that employee-owned mobile devices used on corporate networks continue their rise despite well-known gaps in security.

Two thirds of IT executives surveyed allow the use of personal mobile devices while at work, a marked increase from two years ago, according to the report from Check Point Software.

The Android.Counterclank hackers have monetized the malware by pushing unwanted advertisements to compromised Android phones.

Although the infected apps request an uncommonly large number of privileges — something the user must approve — Haley said few people bother reading them before giving their okay.

Android.Counterclank is a minor variation on an older Android Trojan horse called Android.Tonclank, discovered in June 2011.

Some of the 13 apps that Symantec identified as infected have been on the Android Market for at least a month, according to the revision dates posted on the e-store.

Click here for Symantec’s list of infected apps.
