Android Hit By ‘Counterclank’ Trojan

Android.Counterclank attaches to applications in the Android Market and may be used to run malicious code on smartphones and tablets, according to Symantec

A nasty piece of malware called Android.Counterclank that Symantec said has the highest distribution of any malware this year to date is making the rounds on Android smartphones and tablet computers.

Symantec counts anywhere from 1 million to 5 million combined downloads of the malware, spanning 13 different application titles.

Information theft

Android.Counterclank is a variant of the Android.Tonclank Trojan horse. Like Tonclank, Counterclank steals information and may open a back door on Android smartphones and tablets for perpetrators to conduct other malicious actions.

However, Counterclank may also be exploited to download more files and display advertisements on mobile devices.

Android.Counterclank latches on to the main application in a package known as the “apperhand”. When that package is run, a service with the same name may be seen running on a compromised device.

Users may also determine their device has been infected by Android.Counterclank if they see this search icon on the homescreen of their phone or tablet.

To provide users with a heads-up, Symantec has listed all 13 application publisher titles on the Android Market that are being used to push out Android.Counterclank.

Malicious apps

The malicious apps, which range from games to entertainment apps starring scantily clad women, include Counter Elite Force and CounterStrike Ground Force from iApps7 Inc., Balloon Game and Wild Man from Ogre Games, and Sexy Girls Photo Game from redmicapps.

Symantec, no stranger to detecting Android malware, said in a corporate blog post that it is still investigating the malware and will keep people apprised of its findings.

Symantec’s security team also detected the Android.Fakeneflic malware, a low-risk Trojan horse that flew under the radar thanks to Netflix’s staggered launch of its mobile application for Android handsets.

Symantec said late last year that despite the explosion in mobile malware in the last couple years, perpetrators are not yet seeing a lot of financial returns from compromised phones.