As many as 5 million Android handsets infected with newly discovered trojan
Share:
The malware is embedded into various apps in the Android Market and once downloaded, launch services that send information from the device, such as MAC Address, SIM Serial, IMEI, and IMSI, back to the malicious host.
Symantec has estimated that Android.Counterclank has been installed on between 1 million and 5 million devices. One sure fire way to know you’re infected is the presence of a “search” icon on the home screen, which is depicted in the graphic below.
 |
Symantec has identified several malicious app titles spread out over 3 publishers. They are:
iApps7 Inc
- Counter Elite Force
- Counter Strike Ground Force
- CounterStrike Hit Enemy
- Heart Live Wallpaper
- Hit Counter Terrorist
- Stripper Touch girl
Ogre Games
- Balloon Game
- Deal & Be Millionaire
- Wild Man
redmicapps
- Pretty women lingerie puzzle
- Sexy Girls Photo Game
- Sexy Girls Puzzle
- Sexy Women Puzzle
Update:
Removing the associated application should remove the malware from the device.
1. Open the Google Android Menu.
2. Go to the Settings icon and select Applications.
3. Next, click Manage.
4. Select the application and click the Uninstall button.
You can also install Norton Mobile Security from the Android Market or from the norton.mobi website.
Norton Mobile Security Lite [Android Market Link]
Finally, you can always perform a factory reset, however, in most cases, you will lose any data that is not backed up.
source: Symantec via WMPowerUser
Share:
![iOS vs. Android: Skipping Stone Edition [video]](http://i-cdn.phonearena.com/images/article/26373-thumb/iOS-vs.-Android-Skipping-Stone-Edition-video)
76 Comments
1. dinzle posted on 28 Jan 2012, 15:49 3 0
I had that search icon on my home screen but deleted the app I just downloaded before hand and it disappeared... I am assuming I have it. now how do I get it off my device.
29. systamatics posted on 28 Jan 2012, 19:42 12 3
obviously , symantec is creating these trojans to sell
38. G2Noobin posted on 28 Jan 2012, 22:42 5 1
Thanks to johnfranckiv...from Android Central Link at end of post:
But it looks like Symantec might have jumped the gun a bit.
Lookout, a competitor in the Android security field, says that the applications are not malware, and the apperhand package actually is a legitimate, but aggressive, advertisement component. It's part of an advertising software development kit that's a modified version of the "ChoopCheec" platform” or “Plankton” SDK that was the focus of some privacy concerns in June 2011. This newer version is cleaner, but it still has capabilities common to many ad networks. Writes Lookout:
• It is capable of identifying the user uniquely by their IMEI number, for instance. But unlike some networks, this SDK forward-hashes the IMEI before sending to its server. They’re identifying your device, but they are obfuscating the raw data. (That's a good thing.)
• The SDK has the capability to deliver “Push Notification” ads to the user. We’re not huge fans of push notifications, but we also don’t consider push notification advertising to be malware.
• The SDK drops a search icon onto the desktop. Again, we consider bad form, though we don’t consider this a smoking gun for malware provided the content that is delivered is safe. In this case, it is simply a link to a search engine.
• The SDK also has the capability to push bookmarks to the browser. In our opinion, this is crosses a line; although we do not believe this is cause to classify the SDK as malware.
http://www.androidcentral.com/android-malware-scare-may-have-been-premature
63. G2Noobin posted on 29 Jan 2012, 16:32 5 2
A la remixfa down below, credit goes to him:
Android is more secure than iOS. Thats why governments have been able to clear android for top secret clearance while iOS is still working out its security issues.
Hackers always target the largest audience. PCs get more viruses because more people use PC. OSX is no more secure than Windows7. But if your going to do malicious coding, are you going to target 90% of computers or 10%?
iOS has been the recipient of many hacks and malicious outbreaks. It's also been the quickest hacked in national hacking contests multiple times. Now that Android is the clear leader in sales and marketshare its going to get more attacks. It is the nature of the business. Also, android is technically harder to hack because there are so many variations of android out there from all the manufacturers modding it. Once you hack iOS, you've hacked all iphones at the same time.
Bottom line, dont buy apps from places you dont know (developer brand name counts too), and for god sakes, dont download those crappy booby apps. lol. No OS is safe and secure.
67. E.N. posted on 30 Jan 2012, 03:16 0 0
Well its good news that it isn't as dangerous as we thought. It's like hovering over the malware line though, so I wouldn't get too excited. I wouldn't expect an app like Heart Live Wallpaper to push bookmarks to the browser, install a desktop app and deliver push notifications. Seems a bit more than aggressive.
72. remixfa posted on 30 Jan 2012, 22:04 0 0
yo, i was a reference point! i feel honored. :)
E.N.
with the freedom of choice that android gives, comes a little repsoncibility. For all the things that an app does, like HLW, before you download it android stops you and says "this app has access to the following" and then it bulletpoints EVERYTHING the app is capable of and everything the app can access on the phone.
Pulling up heart live wallpaper it says:
Network Communication: full internet access.
if you tap on that, it says "allows an application ot create network sockets"
take 2 seconds and ask yourself why an application needs to make links to the internet. If you cant think of.. or dont like the answer (unwanted desktop shortcuts), then dont download the thing.
The point is android provides you with all the information to make an informed decision. The beauty of freedom is its up to you to make that decision, not up to some CEO somewhere. If you cant be trusted to do extremely minor critical thinking, then please get the CEO controlled phone so you dont have to.
With freedom comes responsibility.
75. E.N. posted on 31 Jan 2012, 13:27 0 0
Okay, can we stop with this whole sing-song freedom and choice chant, its really starting to be cheesy and over the top.
I agree with reading the fine details, but not everyone does that though. Most people would read it, maybe take the two seconds to ask themselves what it means, and then download it anyway.
I don't expect some chick who wants a heart live wallpaper to delve into the details of the app. They're just going to download.
50. anywherehome posted on 29 Jan 2012, 06:38 2 0
how can be an app normally installed or uninstalled with warning what can it does called trojan? ;-)
just lies from Symantec to persuade to buy their product :)
virus or trojans can be installed just on Windows or iOS without warning...
2. clevername posted on 28 Jan 2012, 15:51 15 7
Come on Google, you don't need to be as closed as apple but at least thoroughly screen the updatedapps before allowing them to be posted/updated. This is the last thing I wanna worry about on my PHONE.
16. protozeloz posted on 28 Jan 2012, 16:43 4 7
Who thumbed you down? I agree with you
I've said a semi lock will keep the market clean and open at the same time they can even partner with an Antivirus company to clean the market using a not and index the good apps
This comment is hidden because of its low rating. Show
