Security researchers are split on the seriousness of an Android "malware" campaign that some estimates suggest may have "infected millions" of smartphones via gaming apps from Google's Android Market. "Android.Counterclank" – a piece of code described by Symantec as a Trojan and by Lookout Mobile Security as part of "an …
Counter Strike Ground Force?
Charlie Dimmock takes on the terrorists is it?
Sounds close enough to malware to me, certainly close enough to make sure I avoid installing anything tainted by it.
You mean a game called "Sexy Girls Puzzle"
is somehow not completely on the up and up? Oh, shit, what's next? Tobacco consumption may be unhealthy -- film at eleven!
That's all well and good but...
...is Lookout going to notify users or not?
I don't know what to think
I don't know what to think about these things until Graham Clueless tells me.
Where is he when you need him?
Hey! I resemble that remark!
@I resemble that remark
Ah but the One True Graham Clueless is paid by Sophos, and is all over the UK media whenever necessary (and often when completely unnecessary).
AV company finds file that _might_ be malware and announces it to world in order to promote own dubious software. This is not news, sounds like spamvertising to me.
Perhaps NOT so Smart phones?
Oops infected again.
And what do Symantec hope to gain from this scaremongering
ahh yes, they sell Android anti-malware snake oil...
These fuckers are worse that the writers of the stuff.
The thing I’ve been caught out by twice now is innocuous little apps that only ask for internet access permission and behave themselves perfectly for a month, then suddenly you start getting push notifications. When you check the Market to see other user’s reports you find the app has disappeared (so no feedback possible). Meanwhile the only real clue is the “unimportant” permission for the app to start at boot – that’s the giveaway.
I do think that Market pages for withdrawn apps should stay (perhaps only accessible through “My Apps”/“Download”) with no download button, but still there to act as a discussion centre for the app in question. And not just for malicious apps.
If only someone could provide some sort of antimalware product. Oh wait.
"...Malware can also be used to steal personal information from a mobile device that could result in identity theft or financial fraud. Apperhand doesn’t appear to be malicious..."
So, this program is hidden in a repackaged app.
It takes details from your phone and sends it off to a third party for them to do something funky with.
How is this not a trojan again?
Reminds me a little of the business Phorm's CEO wsa involved in. Forget what it was called now, but they wrote a piece of software that got labelled malware.
He then tried to use semantics to try and explain why his bit of code that was sending data off, had snuck along with some other software and was generally quite undesirable was not in fact malware.
Exactly what this reminded me of in all honesty, but I can also see that the AV vendors have every reason to try and call it malware.
Like the CarrierIQ thing recently too.
First it was "We don't log anything"
Then it was "Well, we do, but only for diagnostics"
But whats wrong with logging and sending back? Its only your privacy you are losing.
"The average Android user probably doesn’t want..."
The average user probably doesn't know what you're on about and doesn't give a smeg.
- Facebook offshores HUGE WAD OF CASH to Caymans - via Ireland
- Microsoft teams up with Feds, Europol in ZeroAccess botnet zombie hunt
- Justin Bieber BEGGED for a $200k RIM JOB – and got REJECTED
- Review Bigger on the inside: WD’s Tardis-like Black² Dual Drive laptop disk
- Inside Steve Ballmer’s fondleslab rear-guard action