Tens of thousands of Android users have been affected by a Trojan horse that steals sensitive information from handsets, security firm McAfee warned on Friday.
The Trojan appeared on the official Google Play market and was aimed at Japanese-language users. McAfee said it has found more than a dozen variants of the Trojan.
“So far we have discovered 15 applications from two developers that, according to Google Play statistics, have been downloaded by at least 70,000 users,” wrote McAfee researcher Carlos Castillo in a blog post. “Due the privacy risk that these applications represent to Android customers, all of them have been removed from the market.”
The Trojan promises to display trailers of upcoming Android video games, animation or adult videos downloaded from the Internet, but first makes two unusual requests for permissions: “read contact data” and “read phone state and identity”, Castillo said.
“Neither is needed for the principal purpose of the application, which is to display a video from the Internet,” Castillo wrote.
The Trojan harvests three pieces of sensitive data from the handset: Android ID, a 64-bit random number that uniquely identifies each device, the device’s phone number, and the handset’s contact list, including names, telephone numbers and emails.
While this operation is carried out the user is shown a “loading” message. If the data is successfully harvested, the application downloads a video and displays it. If not, the device displays an error message in Japanese.
McAfee warned users to exercise caution when downloading applications from the Google Play market.
“Users should verify in the Google Play market prior installation that the application does not request permission to perform actions not related to its purpose,” Castillo wrote.
Google launched Google Play last month, combining Android Market, Google Music and the Google eBookstore. The company has rebranded videos, books and music apps as “Google Play Movies, Google Play Books and Google Play Music apps”. Google says some 450,000 Android apps and games are available for download, compared with Apple’s App Store, which offers more than 550,000 apps for the iPhone, iPad and iPod Touch.
Malicious code has been a constant problem for the Android platform. Malware targeting Android grew by 3325 percent in the last seven months of 2011, more than for any other platform, according to Juniper’s 2011 Mobile Threat Report.
Android malware accounted for about 46.7 percent of unique malware samples that targeted mobile platforms, followed by 41 percent for Java Mobile Edition.
How well do you know Internet security? Try our quiz and find out!
German foreign minister warns Russia will face consequences for “absolutely intolerable” cyberattack on ruling party,…
Google is reportedly laying off at least 200 staff from its “Core” organisation, including key…
Investor appeasement? Apple unveils huge $110 billion share buyback program, as sales of iPhone decline…
Tesla retreats from pioneering gigacasting manufacturing process, amid cost cutting and challenges at EV giant
No skynet please. After the US, UK and France pledge human only control of nuclear…
Microsoft's AI investments continue in south east Asia, after investments in Japan, Malaysia, Indonesia, as…
View Comments
Many apps on the android market request useless and extraneous poisitions, yet users are not given the option to allow/deny permissions as they see fit. It's "accept all these permission requests or do not install the app". Why can't I edit permissions so that an app is able to access,say, my camera, but not my contacts? Google, fix this!