Phony Google Android Market Security Tool Spreads More Malware

  /     /     /  
Publicated : 22/11/2024   Category : security


Phony Google Android Market Security Tool Spreads More Malware


Researchers spot Trojanized version of Googles security patch for Android Market



A repackaged and Trojan-rigged version of Googles newly published Android Market Security Tool is in circulation in a Chinese app marketplace -- and the malicious apps code appears to be based on a project hosted on Google Code and licensed via the Apache license, according to researchers at Symantec who discovered it.
The rogue Android Market Security Tool appears to force the smartphone that downloads it to send SMS messages. Symantec researchers say they are
still evaluating the malware
.
Google this week remotely pushed the real Android Market Security Tool app to all of the Android devices that were
infected by 50-plus free apps found on the Android Market
to be carrying malware that roots the phone, steals data, and installs a back door. An initial estimate of anywhere between 20,000 to 500,000 infected users had downloaded the app and were infected by the malicious apps by the time Google was alerted to and yanked the phony apps. Now some security experts are
reportedly
counting 260,000 infected users.
We are pushing an Android Market security update to all affected devices that undoes the exploits to prevent the attacker(s) from accessing any more information from affected devices, Googles Android Team
posted
on the Market support site.
The good news about the rogue knock-off is that its not circulating on the Android Market, and it gives itself away when you look at the permissions it requires upon installation, notes Vanja Svajcer, principal virus researcher for SophosLabs. While the original tool only requires three permissions, the Trojanized version requires additional permissions for Services that cost you money as well as the device location, Svajcer
Website
said in a post on the app.
Personally, I think that the ability to install non-market applications and ability to create third party application markets was a mistake for Googles Android team from the security point of view. This path is leading us to Windows-like threat levels, Svajcer said.
Have a comment on this story? Please click Add Your Comment below. If youd like to contact
Dark Readings
editors directly,
send us a message
.

Last News

▸ IoT Devices on Average Have 25 Vulnerabilities ◂
Discovered: 23/12/2024
Category: security

▸ DHS-funded SWAMP scans code for bugs. ◂
Discovered: 23/12/2024
Category: security

▸ Debunking Machine Learning in Security. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Phony Google Android Market Security Tool Spreads More Malware