ID: IRCNE2012011388
Date: 2012-01-29
According to “Computerworld”, the largest-ever Android malware campaign may have duped as many as 5 million users into downloading infected apps from Google's Android Market, Symantec said.
Dubbed "Android.Counterclank" by Symantec, the malware was packaged in 13 different apps from three different publishers, with different titles. Many of the infected apps were still available on the Android Market as of 3 p.m. ET Friday.
"They don't appear to be real publishers," Kevin Haley, a director with Symantec's security response team, said in an interview.
Symantec estimated the impact by combining the download totals -which the Android Market shows as ranges- of the 13 apps, arriving at a figure between 1 million on the low end and 5 million on the high. "Yes, this is the largest malware [outbreak] on the Android Market," said Haley.
Android.Counterclank is a Trojan horse that when installed on an Android smartphone collects a wide range of information. It also modifies the browser's home page.
The hackers have monetized the malware by pushing unwanted advertisements to compromised Android phones.
Although the infected apps request an uncommonly large number of privileges -something that the user must approve- Haley argued that few people bother reading them before giving their okay.
"If you were the suspicious type, you might wonder why they're asking for permission to modify the browser or transmit GPS coordinates," said Haley. "But most people don't bother."
Android.Counterclank is a minor variation on an older Android Trojan horse called Android.Tonclank that was discovered in June 2011.
Some of the 13 apps that Symantec identified as infected have been on the Android Market for at least a month, according to the revision dates posted on the e-store.
Related Links:
Google removes fraudulent apps from Android Market
- 2