This week anti-malware vendor Symantec announced the discovery of 13 different malware laden apps from 3 different publishers in the Android Market.
Traditionally android malware authors publish an application that is simply a repackage of an existing application that also contains exploit code. With the size of the android market and many copycat applications already published, users choosing a “cheaper” version of an application can be in for a nasty surprise.
The new Android Malware, named “Android.Counterclank” involves new rather than rebundled applications. This makes detection more difficult as while someone can make a fair guess that a much cheaper rebadged version of an existing application might be a trap, malware developers hadn’t gone to the effort of creating their own unique applications. In this case the applications were offered for free, but it won’t be long before malware authors charge money for these applications as people again assume that something that they pay for and which appears unique must be legit.
The applications themselves request substantial privileges. The problem is that, like those users who disabled User Account Control on computers running Windows Vista and 7, the majority of users pay as much attention to request for privileges as they do to End User License Agreements. They click Yes because they want to get to the app.
The only way to stop this sort of thing happening is for there to be a more rigorous attempt to curate the Android Market. As people put more of their personal and financial details into their mobile devices, there will be greater incentive for malware authors to target the dominant mobile platform. It’s reasonable to assume that while some malware apps have been discovered, there will be other malware laden apps sitting in the market that haven’t been found yet.
You can find out more, including the list of problematic applications, at Symantec’s site:
My new book: Windows Server 2008 R2 Secrets. It is a book for experienced Windows administrators who are new to Windows Server 2008 R2 and don't need a lot of basic introductory level material: