New Android malware after Ice Cream Sandwich launch infects 5 million users
Google’s Android Market has been hit by one of the largest Android malware campaigns. As many as 5 million users have been conned by malware that appeared in the Android Market in the form of 13 free games, Symantec has stated.
The malware has been tagged “Android.Counterclank” by Symantec. It is contained in 13 different free games from 13 different publishers. The titles of the games range from “Sexy Girls Puzzle” to “Deal & Be Millionaire” to “Counter Strike Ground Force”.
The malware has been wreaking havoc on the Android Market for a month, but Symantec identified it only this Thursday. The alarm only went off when users noticed something fishy and some of these apps were reviewed and rated as “crap” by users.
A user said about one of the 13 games, called ‘Deal & Be Millionaire’, “The game is decent … but every time you run this game, a ‘search icon’ gets added randomly to one of your screens. I keep deleting the icon, but it always reappears. If you tap the icon you get a page that looks suspiciously like the Google search page.”
Kevin Haley, a director with Symantec’s security response team, said in an interview, “They don’t appear to be real publishers. These aren’t rebundled apps, as we’ve seen so many times before.”
Haley added, “What’s interesting here is that instead of taking legitimate apps, [malware authors] have created apps similar to legitimate ones. That, and the big numbers of downloads, of course.”
It is a common practice of Android malware makers to repackage a legitimate app with attack code, and then re-release it to the marketplace. This very often dupes users into thinking that the fake is the actual legitimate app and they download it.
The impact of the malware is estimated by Symantec to be in the range between 1 million and 5 million. Symantec calculated the damage by combining the download totals of the 13 apps.
Haley confirmed, “Yes, this is the largest malware [outbreak] on the Android Market.”
Android.Counterclank is a minor variant of an older Android Trojan horse called Android.Tonclank that was discovered in June 2011. When Android.Counterclank is installed on an Android smartphone, it collects user information like copies of the bookmarks and the handset maker. It also changes the browser’s home page. The malware has been monetized by the hackers by pushing unwanted advertisements.
Haley said that suspicion arose when some users noticed that the infected apps request an uncommonly large number of privileges that the user must approve. He added that few people bother reading them before giving their okay.
Haley added, “If you were the suspicious type, you might wonder why they’re asking for permission to modify the browser or transmit GPS coordinates. But most people don’t bother.”
He further said that Symantec’s researchers had alerted Google, but Google did not immediately respond to questions seeking confirmation of the security firm’s claims.