App Eating Android Malware Infects 100,000 Chinese Phones

A piece of fresh Android malware has been spotted sneakily buying up apps and giving thouasnds of Chinese users some big bill shocks.

Security firm TrustGo said 100,000 devices were infected with MMarketPay.A, which has been found disguised as several real applications, including one purportedly from Weibo, the Chinese version of Twitter. It has managed to get itself on to nine different third-party Android markets too

Its main aim when it gets onto an unsuspected phone is to surreptitiously buy up apps on China Mobile’s Mobile Market.

Dude, where’s my money?

MMarketPay.A silently replicates the process of purchasing apps from the Mobile Market. When doing so, it intercepts the verification code sent by Mobile Market servers when a purchase is requested. If a CAPTCHA crops up looking for human input, it is referred to a remote server for the attackers to get around it. Then the app is downloaded and the unwitting user charged.

The Mobile Market also offers paid video content, which the malware can also force victims to pay for.

“This sophisticated new malware could cause unexpected high phone bills,” TrustGo said in a blog post. “TrustGo recommends customers only download apps from trusted app stores and download a mobile security app which can scan malware in real-time.”

Android remains the most targeted of all mobile operating systems. Just last week, Google denied reports a botnet had infected a portion of its users, although two security researchers still believed the malicious network was built on malware that was resident on Android devices.

A US researcher also created a rootkit that could hide Android apps and upload fake ones to steal people’s data.

Are you a security boff? Try our quiz!