As many as 5 million Android handsets infected with newly discovered trojan

As many as 5 million Android handsets infected with newly discovered trojan
Symantec has released information about a newly discovered threat known as “Android.Counterclank.” It is a variant of a previously discovered Trojan horse called “Android.Tonclank.”

The malware is embedded into various apps in the Android Market and once downloaded, launch services that send information from the device, such as MAC Address, SIM Serial, IMEI, and IMSI, back to the malicious host.

Symantec has estimated that Android.Counterclank has been installed on between 1 million and 5 million devices. One sure fire way to know you’re infected is the presence of a “search” icon on the home screen, which is depicted in the graphic below.



Symantec has identified several malicious app titles spread out over 3 publishers. They are:

iApps7 Inc
  • Counter Elite Force
  • Counter Strike Ground Force
  • CounterStrike Hit Enemy
  • Heart Live Wallpaper
  • Hit Counter Terrorist
  • Stripper Touch girl

Ogre Games
  • Balloon Game
  • Deal & Be Millionaire
  • Wild Man

redmicapps
  • Pretty women lingerie puzzle
  • Sexy Girls Photo Game
  • Sexy Girls Puzzle
  • Sexy Women Puzzle



Update:

Removing the associated application should remove the malware from the device.
1.    Open the Google Android Menu.
2.    Go to the Settings icon and select Applications.
3.    Next, click Manage.
4.    Select the application and click the Uninstall button.

You can also install Norton Mobile Security from the Android Market or from the norton.mobi website.

Norton Mobile Security Lite [Android Market Link]

Finally, you can always perform a factory reset, however, in most cases, you will lose any data that is not backed up.


source: Symantec via WMPowerUser

FEATURED VIDEO

76 Comments

1. dinzle

Posts: 21; Member since: Dec 03, 2011

I had that search icon on my home screen but deleted the app I just downloaded before hand and it disappeared... I am assuming I have it. now how do I get it off my device.

3. dinzle

Posts: 21; Member since: Dec 03, 2011

the app was "Christmas HD Live Wallpaper" btw

29. systamatics

Posts: 63; Member since: Nov 16, 2011

obviously , symantec is creating these trojans to sell

38. G2Noobin

Posts: 81; Member since: Dec 17, 2011

Thanks to johnfranckiv...from Android Central Link at end of post: But it looks like Symantec might have jumped the gun a bit. Lookout, a competitor in the Android security field, says that the applications are not malware, and the apperhand package actually is a legitimate, but aggressive, advertisement component. It's part of an advertising software development kit that's a modified version of the "ChoopCheec" platform” or “Plankton” SDK that was the focus of some privacy concerns in June 2011. This newer version is cleaner, but it still has capabilities common to many ad networks. Writes Lookout: • It is capable of identifying the user uniquely by their IMEI number, for instance. But unlike some networks, this SDK forward-hashes the IMEI before sending to its server. They’re identifying your device, but they are obfuscating the raw data. (That's a good thing.) • The SDK has the capability to deliver “Push Notification” ads to the user. We’re not huge fans of push notifications, but we also don’t consider push notification advertising to be malware. • The SDK drops a search icon onto the desktop. Again, we consider bad form, though we don’t consider this a smoking gun for malware provided the content that is delivered is safe. In this case, it is simply a link to a search engine. • The SDK also has the capability to push bookmarks to the browser. In our opinion, this is crosses a line; although we do not believe this is cause to classify the SDK as malware. http://www.androidcentral.com/android-malware-scare-may-have-been-premature

63. G2Noobin

Posts: 81; Member since: Dec 17, 2011

A la remixfa down below, credit goes to him: Android is more secure than iOS. Thats why governments have been able to clear android for top secret clearance while iOS is still working out its security issues. Hackers always target the largest audience. PCs get more viruses because more people use PC. OSX is no more secure than Windows7. But if your going to do malicious coding, are you going to target 90% of computers or 10%? iOS has been the recipient of many hacks and malicious outbreaks. It's also been the quickest hacked in national hacking contests multiple times. Now that Android is the clear leader in sales and marketshare its going to get more attacks. It is the nature of the business. Also, android is technically harder to hack because there are so many variations of android out there from all the manufacturers modding it. Once you hack iOS, you've hacked all iphones at the same time. Bottom line, dont buy apps from places you dont know (developer brand name counts too), and for god sakes, dont download those crappy booby apps. lol. No OS is safe and secure.

67. E.N.

Posts: 2610; Member since: Jan 25, 2009

Well its good news that it isn't as dangerous as we thought. It's like hovering over the malware line though, so I wouldn't get too excited. I wouldn't expect an app like Heart Live Wallpaper to push bookmarks to the browser, install a desktop app and deliver push notifications. Seems a bit more than aggressive.

72. remixfa

Posts: 14605; Member since: Dec 19, 2008

yo, i was a reference point! i feel honored. :) E.N. with the freedom of choice that android gives, comes a little repsoncibility. For all the things that an app does, like HLW, before you download it android stops you and says "this app has access to the following" and then it bulletpoints EVERYTHING the app is capable of and everything the app can access on the phone. Pulling up heart live wallpaper it says: Network Communication: full internet access. if you tap on that, it says "allows an application ot create network sockets" take 2 seconds and ask yourself why an application needs to make links to the internet. If you cant think of.. or dont like the answer (unwanted desktop shortcuts), then dont download the thing. The point is android provides you with all the information to make an informed decision. The beauty of freedom is its up to you to make that decision, not up to some CEO somewhere. If you cant be trusted to do extremely minor critical thinking, then please get the CEO controlled phone so you dont have to. With freedom comes responsibility.

75. E.N.

Posts: 2610; Member since: Jan 25, 2009

Okay, can we stop with this whole sing-song freedom and choice chant, its really starting to be cheesy and over the top. I agree with reading the fine details, but not everyone does that though. Most people would read it, maybe take the two seconds to ask themselves what it means, and then download it anyway. I don't expect some chick who wants a heart live wallpaper to delve into the details of the app. They're just going to download.

50. anywherehome

Posts: 971; Member since: Dec 13, 2011

how can be an app normally installed or uninstalled with warning what can it does called trojan? ;-) just lies from Symantec to persuade to buy their product :) virus or trojans can be installed just on Windows or iOS without warning...

2. clevername

Posts: 1436; Member since: Jul 11, 2008

Come on Google, you don't need to be as closed as apple but at least thoroughly screen the updatedapps before allowing them to be posted/updated. This is the last thing I wanna worry about on my PHONE.

16. protozeloz

Posts: 5396; Member since: Sep 16, 2010

Who thumbed you down? I agree with you I've said a semi lock will keep the market clean and open at the same time they can even partner with an Antivirus company to clean the market using a not and index the good apps

26. maier9900

Posts: 272; Member since: Dec 17, 2011

Why dont you but an iphone then... stop complaining. Android could never compare to the security ios has... Android is still fresh but you'll see how those pc viruses will infect your android device a year from now. Android is as vulnerable as a damn pc. Why would we buy a phone that needs an antivirus software, are you ok? wow.. i'll rather have an old phone from the year 2000 knowing i dnt have to worry abt viruses. You android fanatics let google play you all along when you know that you had a choice between phones and their operating systems.

30. remixfa

Posts: 14605; Member since: Dec 19, 2008

your comment has zero merrit Android is more secure than iOS. Thats why governments have been able to clear android for top secret clearance while iOS is still working out its security issues. Hackers always target the largest audience. PCs get more viruses because more people use PC. OSX is no more secure than Windows7. But if your going to do malicious coding, are you going to target 90% of computers or 10%? iOS has been the recipient of many hacks and malicious outbreaks. It's also been the quickest hacked in national hacking contests multiple times. Now that Android is the clear leader in sales and marketshare its going to get more attacks. It is the nature of the business. Also, android is technically harder to hack because there are so many variations of android out there from all the manufacturers modding it. Once you hack iOS, you've hacked all iphones at the same time. Bottom line, dont buy apps from places you dont know (developer brand name counts too), and for god sakes, dont download those crappy booby apps. lol. No OS is safe and secure.

33. E.N.

Posts: 2610; Member since: Jan 25, 2009

I'm pretty sure Android being open source and not requiring a 3rd party like iTunes made a significant difference for government use. There were many little holes in iOS like accessing your favorites even when phone is locked or holes in the pdf viewer, but this is a very large scale problem. And usually, as the malware comes, Apple patches them. We have yet to see what Google will do about this, if anything. Android may be more difficult to hack because of all the variation, but that also makes it difficult to fix problems on all their devices, while iOS with less variation can have a single solution fix all their devices. There are probably more known holes in iOS, but it seems like malware has huge potential in Android. Maybe you're right about those booby applications but what about "Heart Live Wallpaper" and "Balloon Game". Sounds innocent enough to me, lol. And Android is all about options and making your phone "You," so if you want boobies on your phone, you should be able to get them w/o second thoughts. ***after reading your comment again, it seems like you're turning the malware issue into a positive thing, like "you should be happy/expect Android is getting malware because it shows Android is becoming more popular"

52. remixfa

Posts: 14605; Member since: Dec 19, 2008

the government reports cited security, not itunes. between holes in security and apple trying to retain control of the device and certain functions, they can not pass. they arent going to let a spy have a phone that reports your every position to apple. lol. There is no real "malware potential" on android. The malware comes from apps. Dont get apps from sources you dont know of and from app makers you are not familiar with. boom, problem solved. And now from the update that G2N just posted from androidcentral, it seems this stupid antivirus company is just trying to expand what it calls "malware" to scare people into buying antivirus for their phones. And no, im not happy about malware. It is a sign of the OS's market position, yes. coders go after the most popular systems to get the most bang for their code. Its not happy or sad, its just a statement of fact. Never.. EVER..EEEVVEEEER buy an antivirus program for your phone. its just a resource hog and does zero... zip.. zilch.. nothing.

36. G2Noobin

Posts: 81; Member since: Dec 17, 2011

Amen.....someone who knows what the game is all about..... REMIXFA speaks the truth.....keep you mouths shut apple fanboys...the ios sucks the platforms sucks...the ease of use sucks....apple just plain sucks. im sorry for using the word sucks so many times.

55. deathyyy

Posts: 101; Member since: Dec 20, 2011

HERP DERP

45. maier9900

Posts: 272; Member since: Dec 17, 2011

YOUR comment has zero merrit !! OSX is 20 x MORE SECURE THAN ANY WINDOWS BOY... IOS is 10 x MORE SECURE THAN ANY ANDROID VERSION out there... Maybe i was a little too offending for you ANDROIDFANS in my comment above but come on, why can't you face the truth about Apple. And your reply to my comment above is no better than mine... so shut it!!! OOh, and second i doubt and bet $1,000,000 there are no viruses on the apple app store like in the android app store that you can download. The only way i would see an iphone having a virus is a jailbroken one that downloaded some app from Cydia or other third party market holding those apps that Apple denies. Apple checks every single app before they put it on the market, Android doesnt. I bet you new this one too i suppose... Smart ass!!

53. theindianguy

Posts: 90; Member since: Sep 30, 2011

i guess someone didn't read what remixfa wrote about android's security.

40. clevername

Posts: 1436; Member since: Jul 11, 2008

Cool your jets chief. I'm no android fanatic and nothing i said even promotes the idea of that. if anything I gave props to apple for their screening policy. And I used to have an iPhone I don't need to buy another. Then I went windows and now android. If anything I am a phone fanatic. So... stop being an iPhone fanatic and post relevent things on relevant articles.

54. rashod

Posts: 13; Member since: Nov 24, 2011

then plz dont buy a pc to your self dude android is opensource.then any one can see the software stack. my idea is a virus are not anly due to fail of the os developers. is there is a oparating system there is many securuty hales , its the nature.becouse os created by humens and all so the viruses. just a idea. sorry for the bad English

61. LoneShaolin

Posts: 307; Member since: Jan 14, 2012

wut??

68. danwatson

Posts: 117; Member since: Jan 03, 2012

At minimum, they could have a safe app search which only searches apps that Google has officially reviewed and deemed safe for install. There are apps on the android market that could house copyright info or break carrier and other restrictions and I think Google knows that if they review these apps like apple does, there will be more pressure for them to remove them. But at least have a safe search for reviewed, clean apps.

4. ChafedBanana

Posts: 409; Member since: Sep 20, 2011

Do a factory data reset.

51. anywherehome

Posts: 971; Member since: Dec 13, 2011

lies....on Android is enough to uninstall an app.....it is not a virus or trojan, it is an common app approved by user when installing ;-) in this way you have to repair just on Windows or iOS.....there is no enough to uninstall ;-)

5. Whateverman

Posts: 3295; Member since: May 17, 2009

Just got that myself about two weeks ago with a picture frame app. It hijacked my browser and everything. Deleted it and now everything is back to normal. Like I've said before I never want Android to be like iOS, but here is where Google should really take a que from Apple. Even though Apple has its own security flaws, their closed systems gives a much better impression that user info is safe.

13. protozeloz

Posts: 5396; Member since: Sep 16, 2010

+1234567890 even if I hate Norton and I think they suck Google needs to improve market security. On the other hand this thread will get full of trolls just like last year. They will come from their holes like roaches.

46. XiphiasGladius

Posts: 813; Member since: Aug 21, 2011

Yeah, Just uninstall those apps, problem solved. Only thing is for people who doesn't tinker their phones esp. those that are clueless will suffer from this though, still it will depend if that user stores a ton of important data in his/her phones.

6. codymws

Posts: 237; Member since: Jun 17, 2010

I almost installed Deal or Be Millionaire awhile ago... good thing I didn't.

8. BioTek

Posts: 53; Member since: Jan 23, 2012

I was also planning on downloading that same app. I'm certainly glad that I didn't.

* Some comments have been hidden, because they don't meet the discussions rules.

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at https://www.parsintl.com/phonearena or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit https://www.parsintl.com/ for samples and additional information.