'Largest Ever' Smartphone Malware Campaign Uncovered

Dennis Faas's picture

Security software company Symantec has sent out a warning about what it believes to be the largest-ever malware campaign launched against Android smartphone owners.

Called "Android.Counterclank," the malware was discovered hidden within 13 different apps (smartphone applications) released by three different publishers.

Of the enticing titles, "Sexy Girls Puzzle" and "Counter Strike Ground Force" were among the most prolific in duping from one to five million people into downloading the infected software through Google's legitimate app marketplace. (Source: computerworld.com)

Valid Apps Repackaged with Malware

Kevin Haley, a director with Symantec's security response team, believes the android-oriented malware relies on a common tactic of scammers. For example, the app was at one point a valid program, but it was then repackaged to include attack code, then placed back onto online store shelves in hopes that people will accept it as the legitimate version.

Once installed onto a smartphone, doctored software such as Android.Counterclank is able to collect a wide range of personal information. Symantec believes Android.Counterclank to be a variation of an older Android Trojan horse called Android.Tonclank, which was first discovered back in June, 2011.

If you're wondering whether or not your smartphone is affected, it's worth noting that this form of malware frequently changes an Internet browser's homepage. If a switch like that has occurred, you might be in for some trouble.

"User Apathy" Part of the Problem

Symantec is blaming user apathy for part of the problem with this malware attack.

That's because the infected apps request an unusual number of privileges, which the user must first approve before any real damage can be done. This protective device has not stopped the flood of malware simply because very few people bother reading the lengthy request for permissions before giving new software their okay to proceed.

Interestingly enough, some of the 13 apps that Symantec identified as infected have been on the Android Market for almost a month, according to the revision dates posted. Nevertheless, Symantec uncovered the issue only this past week. (Source: gizmodo.com)

Perhaps if more users had taken the time to read the fine print, they would have questioned why an app would ask permission to modify their browser. This request could have raised a few red flags earlier, before the infection rates approached the 1 million mark.

Rate this article: 
No votes yet