Android malware on the rise, 21 apps pulled from Android Market - Update
According to a recent Symantec blog posting there is strong growth in Android malware. The posting cites Android.Pjapps, which, like others before it, is a trojan that has been found in Android applications that is able to open a back door on a compromised device. Such applications are usually found on unregulated Android marketplaces.
The posting states that Symantec has detected other applications carrying this trojan. Typically, it is difficult to tell the malicious version of an application from the correct one. However, the posting goes on to state that "during installation it is possible to identify the malicious version by the excessive permissions it requests." In the example given, the application asks for permission to access messages and personal information – totally unnecessary for the gimmicky application concerned, "Steamy Window".
The posting continues by explaining how the Android.Pjapps trojan establishes a botnet, and is able to "install applications, navigate to web sites, add bookmarks to your browser, send text messages, and optionally block text message responses."
It is not only unregulated Android marketplaces where the risks lie. In a further development, a set of 21 free apps (the full list can be found at the bottom of the preceding link) have been pulled from the Android Market because they had been tampered with using the well-known root toolkit rageagainstthecage and included malware. Because they are hacked versions of genuine apps, again it is difficult to tell the difference between the malicious version and the real thing. Most notably, the malware in these apps is able to download further code, making it impossible to determine the extent of possible damage that could be inflicted. It has been suggested that these applications had been downloaded between 50,000 - 200,000 times before being withdrawn.
Update: Further reports suggest that Google has now pulled more than 50 apps from the Android Market.
- Android Market poses remote installation risk , a report from The H.
- Data theft vulnerability in Android 2.3 not plugged, a report from The H.
- Android trojan collects personal data, a report from The H.
- Back door exploit for Android phones, a report from The H.