According to Symantec, 13 apps from three developers — many in the official Android Market — have been carrying malicious chunks of code called Android.Counterclank, and are suspected of running on as many as five million phones, stealing info and running ads against the will of the device’s owner.
ComputerWorld, speaking to Symantec, learned that the apps have been downloadable for over a month, and Symantec calls it the biggest Android malware outbreak to date.
Some of the 13 apps that Symantec identified as infected have been on the Android Market for at least a month, according to the revision dates posted on the e-store. Symantec, however, discovered them only yesterday.
Users had noticed something fishy before then.
“The game is decent … but every time you run this game, a ‘search icon gets added randomly to one of your screens,” said one user on Jan. 16 after downloading “Deal & Be Millionaire,” one of the 13. “I keep deleting the icon, but it always reappears. If you tap the icon you get a page that looks suspiciously like the Google search page.”
The apps, distributed by iApps7, Ogre Games and redmicapps, are mostly games with titles such as Counter Strike Hit Force, Wild Man and Stripper Touch girl. Here’s the full list:
Counter Elite Force
Counter Strike Ground Force
CounterStrike Hit Enemy
Heart Live Wallpaper
Hit Counter Terrorist
Stripper Touch girl
Balloon Game
Deal & Be Millionaire
Wild Man
Pretty women lingerie puzzle
Sexy Girls Photo Game
Sexy Girls Puzzle
Sexy Women Puzzle
Not-so-shockingly Symantec believes these publishers exist solely to distribute malware. Google might want to get rid of those.
[Symantec via ComputerWorld]
Kroo
Monday, January 30, 2012 at 7:19 AMAs I chuckle into my coffee cup after having a fandroid friend of mine lecture me on why the openess of android makes it sooooo much better than iOS. I’ll be hitting the email button right about now………. A friendly tip to all android users. Don’t bad mouth Apple to your Apple friends while this, and fragmentation keep undermining your platform. Leave me to my opinion and I’ll leave you with yours. Keep the postulation to yourself. Thanks.
Chris
Monday, January 30, 2012 at 8:21 AMYour not really doing anything different to the so called fandroids are you? I’m a little over the whole arguing over mobile OS’s. At the end of the day they all do pretty much the same thing for most people.
light487
Monday, January 30, 2012 at 8:39 AM“Keep the postulation to yourself. ”
And you.
All phones have vulnerabilities, whether they are running iOS, Android, WP, Symbian.. whatever.. they all have them. Anyone who says that one is more or less secure than another is only fooling themselves into a false sense of security. iOS has had a pretty good track record but so has Android. It’s only a matter of time before virus creators and hackers get a hook in.. we’ve seen it already with iOS and of course with Android.. no doubt it’s already happened with WP too.
The point is, regardless of your phone’s O/S, you need to be on the watch for malicious software.
Sicarius123
Monday, January 30, 2012 at 12:15 PMThe difference being if a vulnerability is found in an iOS or WP7 handset, an update will be released to all phones.
With an android handset, if you have a new device you might be lucky and get an update in 3-6 months, if it’s a little older you’ll probably have to buy a new phone for the newer security features.
Kroo
Monday, January 30, 2012 at 7:03 PMUnlike those fandroid people I know, I don’t go around pissing on their parade just because they choose something different. I just came here to point out this story. I don’t see many iPhone fans running around bad mouthing android. I can’t understand the inferiority complex displayed by android users bagging my choice of phone. ^^ This is one of the reasons I reject using android, along with fragmentation and lack of support from the manufacturers and google. I don’t care if my OS is closed or not, I REALLY DON’T CARE. I’d rather not have to worry about malware thank you very much. I chose ios because of its security aspects. Yes, iOS is vulnerable, if you physically have my phone in your hands and have the tools to hack it. I don’t want to fear downloading something like this. I appreciate your comments, I’ll ignore the haters, but don’t be a douche just because I reject android.
Lord Crumplebottom
Monday, January 30, 2012 at 8:54 AMOh the irony…
Sasha
Monday, January 30, 2012 at 9:43 AMA curated marketplace is definitely a good thing’; the problem with iOS is, even if you are a power user, there is now (supported) way to override that protection and step outside the garden.
Symo
Monday, January 30, 2012 at 9:43 AMKrroo is a typical iOS fanboi, ignorant to the point that he he/she has forgotten about the iOS PDF security hole, the iOS location tracking security hole, the iOS photo gallery flaw that exposes your photos to anyone. There just the ones the media drew our attention to.
Not to mention:
“The new iOS 5 patches 96 vulnerabilities, including 69 security fixes for WebKit, including patches for vulnerabilities related to memory corruption issues that could lead to arbitrary code execution, cross-origin issues that could result in a cross-site scripting attack, a URL spoofing issue that could cause a different URL being shown in the address bar, a configuration issue related to the use of libxslt that could lead to arbitrary code execution, and a number of other WebKit issues and associated vulnerabilities,” Infosecurity reports.
Kroo
Monday, January 30, 2012 at 7:22 PMAt least my OS manufacturer pushes out updates to close off vulnerabilities. And yours????? Your list of rather obscure and very situational specific bugs makes me laugh at your feeble attempt. If I had a week, I’d list the faults in android. I’m glad I got your attention. Again, my manufacturer will protect me every time. That PDF vulnerability was closed very quickly and was never used by malicious hacker is any way. iOS didn’t patch anything your moron. It was a completely rewritten, brand spanking new OS. You just lost cred, you are the weakest link…………
eckythump
Monday, January 30, 2012 at 9:44 AMHmm, I’ll take the openness of android over the closed, close-minded, expensive and totalitarian attitude of Apple any-day!
cayal
Monday, January 30, 2012 at 10:08 AMWell Symo shut that fanboi up.
Osiris Fox
Monday, January 30, 2012 at 1:22 PMSteve Jobs is dead.
Esophagus
Monday, January 30, 2012 at 6:39 PMI lol’ed, guiltily.
Esophagus
Monday, January 30, 2012 at 4:01 PMIf you’d done any research to back up your stupidly biased post Kroo, you’d know that Android is slightly more secure than Mac OSX. That shit only gets on there if you put it there, but Android users have the benefit of knowing what properties the app has access too. Each of these requires user interaction, just like on a Mac, and both will be fucked if someone gets ahold of a privilege escalation bug. Just the big difference is that Apple are also ripping you off at the same time.
Kroo
Monday, January 30, 2012 at 7:26 PMI’m sorry, but what did I post again? Oh, that’s right, I just highlighted the story. Just look up, read the article, and here is your proof. I didn’t write it. I didn’t write the malware. It here, for all to read. Five million users hacked by malware. And android is MORE secure you say? In your tiny little mind it does. Enjoy your fragmented malware riddled plastic phone. :D
Kroo
Monday, January 30, 2012 at 7:28 PMCould you please explain to me how fragmentation and constant malware attacks make android better?
Esophagus
Monday, January 30, 2012 at 9:22 PMI’d say life as it exists today is a proof of fragmentation being a good thing. It’s why some people are resistant to malaria (ironically causing other problems, google, or whatever Apple uses, sickle cell anemia) or can tolerate heat better. Different form factors, implementations, capabilities and manufacturers ensures survival in making USEFUL multipurpose devices.
As for your other comment, tony’s comment below shows why the article is overhyped shit-stirring itself, and that you’re wrong for jumping the gun and pissing on people who bothered being associating with you. It’s merely a questionable advertising platform, which the article linked was hesitant to go as far as calling malware.
smurfydog
Monday, January 30, 2012 at 9:51 PMLook, Kroo. I see what you’re trying to say. And I agree.
As an iPhone user I’ve never suggested anyone using a different OS is ingorant or sheeplike, but I’ve been on the receiving end a few times (mostly jokingly) from Android users and even (long ago) one BB user. And it irks me.
But you just have to shrug it off and say “Each to his own”. Because you’re wasting your breath (keystrokes) and so are they.
Android users seem to be pretty happy to put with the disadvantages you mentioned – device spec fragmentation, no vetting of apps, long waits for OS updates that may never arrive, etc – as a trade off for what they percieve as the advantages of freedom, or choice, or simply a product in their price range that plays Words with Friends and Angry Birds.
I find it amusing that some people have taken sides, like it’s an Us vs Them thing. But once that has happened no amount of reasoning will convince either side to change. People just have to try them out and see what they like.
And then, perhaps, they could shut up about it.
Jackson Bison
Wednesday, February 1, 2012 at 1:00 PMKroo – it’s apparent you don’t even know what fragmentation is… and the issue seems to bother iOS users more than Android users….
Daniel
Monday, January 30, 2012 at 7:38 AMAll of those apps are pretty obviously dodgy, even by just the name.
Honestly, if you downloaded those and got affected, you probably deserved it.
Sevrin
Monday, January 30, 2012 at 7:50 AMWhat ever could you mean? “Stripper Touch Girl” sounds like the most legitimate app ever! hehe
Quiff
Monday, January 30, 2012 at 8:59 AM+1
Stripper touch girl….c’mon.
Antonia
Monday, January 30, 2012 at 7:52 AMSymantec’s web site mentions that the number of downloads is between 1 and 5 mil. How would they get access to Google download data?
This the same company whose source code has been released onto the net? I think its a marketing ploy.
Kato
Monday, January 30, 2012 at 1:18 PMAndroid apps have a “number of downloads” figure, heavily rounded. And yes, I too believe this is a ploy to show the Symantec are still relevant despite constantly “losing” code and suffering security lapses. I’d install any of the above apps over a Symantec product any day.
Chris
Monday, January 30, 2012 at 8:28 AMIt’s a guesstimate. Of course, there are no business interests involved in such a study for Symantec, especially not their Symantec Antivirus for Android…
Over It
Monday, January 30, 2012 at 8:31 AMThe Apple related comment is a valid point. It would be good for Google to revisit their their approach to fragmentation and the app store.
I think Google could Improve both by doing the following:
– Publish minimum device specs and guaranteed minimum timeframes of when they will remain compatible with the current release of Android. I know there is an alliance with providers but the above would at least help buyers with picking their handset that they would know their device could run future versions of Android for at least till June 2012, etc.
– More tests and rules around the android market. People may believe this takes away from ‘openness’, however maybe as users can download and run apps from anywhere, the Android Market could be the official tested source whereas everywhere else could be the ‘try at your own risk’ place.
I know there is still the issue of providers actually releasing Android updates – with all the testing required both by manufacturers and Telcos, I don’t see this being solved unless Google starts working with manufacturers closer.
My 2c
Tim
Monday, January 30, 2012 at 8:55 AMNo OS is secure.
The only way to minimize effect is have something that is not popular as it will get targeted less.
Once something is popular e.g. MAC & Windows, Android & IOS
Someone will try to make malicious code to get your money.
Regardless No System is truly ever safe if think it is think again!
Nate
Monday, January 30, 2012 at 10:06 AMTouch a stripper, get a bug.. sounds about right!
WPDownUnder
Monday, January 30, 2012 at 10:13 AMTim,
WP7 has ZERO malware :D
the end.
Sheeds.
light487
Monday, January 30, 2012 at 10:35 AMHaha.. well of course.. but I would be cautious as early adopters will not have access to any third-party security apps. The Silverlight development environment is a good one for security minded developers though, so MS is off to a good start.. WP7/8 will be, at this stage, the next phone o/s for me.. just saying that no phone is invulnerable.. :)
klaw
Monday, January 30, 2012 at 11:34 AM@WPDownUnder: Also, virtually no users….which is why nobody bothers making malware for it. Tim already made this point.
Sicarius123
Monday, January 30, 2012 at 12:19 PMWhile iOS has plenty of users and is efficiently patched if a vulnerability is found, just like WP7.
Wont see that on Android. I mean what’s more important for HTC, making sure users have all the latest vulnerabilities covered? Or HTC Sense being platered all over their handsets?
Kato
Monday, January 30, 2012 at 12:46 PMThank you Captain Obvious – your complete lack of ability to spot sarcasm and understand the reasoning behind its use has served us well again! Your work here is done.
WPDownUnder
Monday, January 30, 2012 at 10:12 AMLOL – Way to go Android. I wonder if Telstra will add a GP or medical clinic in a corner somewhere at Androidland :D
Nokia’s almost here folks….watch Windows Phone’s rise to ascendancy start in 6 weeks or so ;) Woot!
Sheeds.
James
Monday, January 30, 2012 at 10:27 AM“Android is so much better because of its open plaaaa…………..wha?…………..”
LOLOL
tony
Monday, January 30, 2012 at 12:14 PMdo you gizmodo people do your research on articles?
my lil bro came running saying his phone had been fckd i laughed cause i thought it was one of the stripper ones ends up being one deal or no deal or something like that did a bit of googling and asking around and came across this
http://www.androidcentral.com/android-malware-scare-may-have-been-premature
not cool gizmodo spreading the fear and giving ios fanboys more fuel to boo android
Osiris Fox
Monday, January 30, 2012 at 1:32 PMNice find!
Antonia
Monday, January 30, 2012 at 4:01 PMThere you go.
Did Symantec make it up for some publicity?
Apologies from Apple fanboies forthcoming???
Jackson Bison
Wednesday, February 1, 2012 at 1:16 PMSounds about right, coming from Symantec…
Root users like me will also find Symantec claiming SuperUser is malware… I bet there’s more than 5million users ‘infected’ with that!
illogical
Monday, January 30, 2012 at 2:29 PMno, that article is 2 days old, Gizmodo isn’t THAT up-to-date. They’ll prob. publish that article in a week or so.
:p
Esophagus
Monday, January 30, 2012 at 9:23 PMThis comment has been deemed inappropriate and has been deleted.
Joshua
Monday, January 30, 2012 at 2:08 PMDamn, I downloaded deal and be millionaire. Just uninstalled it.
Steve
Monday, January 30, 2012 at 9:26 PM“According to Symantec”
Ahahahah. Really?