[ALERT] New Trojan called Hong Tou Tou lurking

February 16, 2011
2

One of the good things about Android is that it's open source. But on the other hand, that also means it can sometimes be the Wild West out there with exploits sneaking in under the guise of legitimate looking apps. Such is the case as Lookout's official blog has an alert for a Trojan known as "Hong Tou Tou."

Affecting mostly Chinese speaking users and distributed through app markets and forums, the trojan (also known as ADRD) needs additional user permissions before executive a stealthy series of search-related activites while users are oblivious to the activity. The trojan also "phones home" and sends encrypted data containing device IMEI and IMSI to a remote host.

The trojan has been found in over fourteen different Android apps including the popular game RoboDefense, as well as numerous Android wallpaper apps.

Those subscribed to Lookout are already protected, but if users simply disable the installation of apps from "unknown sources," to avoid it. Here's a few other ways to steer clear:

* Only download apps from trusted sources, such as reputable app markets. Remember to look at the developer name, reviews, and star ratings.
* Always check the permissions an app requests. Use common sense to ensure that the permissions an app requests match the features the app provides.
* Be alert for unusual behavior on your phone. This behavior could be a sign that your phone is infected. These behaviors may include unusual SMS or network activity.
* Download a mobile security app for your phone that scans every app you download to ensure it’s safe. Lookout users automatically receive protection against this Trojan.

[via Lookout Blog]


Recent Stories

  • http://twitter.com/dilorenzo Fabio Di Lorenzo

    Robodefense from the Market is also affected!?

  • Anonymous

    Excuse me but WHAT THE FUCK does Android being open source have to do with a trojan??? You get trojans on Windows do you not??? Please people for the love of GOD go try to actually understand what open source means and quit just throwing the word around as a reason or excuse for anything. All it does is bring unwanted FUD to a community that is MUCH larger than Android.

    Making a legitimate looking app that is actually malicious has NOTHING to do with open source or for that matter Android either. It can be done on ANY OS open or closed. Its been done before even on the iPhone. The app just happened to not be malicious in nature but could have very well been.