Sunday, January 29, 2012
Tags: Android,
Symantec: millions of Android phones infected with malware
Symantec has identified multiple publisher IDs on the Android Market that are being used to push out Android.Counterclank. This is a minor modification of Android.Tonclank, a bot-like threat that can receive commands to carry out certain actions, as well as steal information from the device.
can copy bookmarks on the device, copy opt out details, copy push notifications, copy shortcuts, identify the last executed command, modify the browser's home page, steal build information (such as brand, device, manufacturer, model, OS, etc.). Some can even extract information related to Android ID, IMEI, IMSI, MAC address, and SIM serial number.
For each of these malicious applications, the malicious code has been grafted on to the main application in a package called “apperhand”. When the package is executed, a service with the same name may be seen running on a compromised device. Another sign of an infection is the presence of the Search icon above on the home screen.
The combined download figures of all the malicious apps indicate that Android.Counterclank has the highest distribution of any malware identified so far this year.
Google can remove the applications that are infected from the Android Market (and has done so in the past with previous threats) but an a-priori check on applications could eliminate the problem. Of course, Google's model enables developers to quickly feature their applications in the Market but situations like these generate victims.
Source: symantec
Tags: Android,
Subscribe to:
Post Comments (Atom)
Share your views...
0 Respones to "Symantec: millions of Android phones infected with malware"
Post a Comment