Symantec: millions of Android devices infected from Market downloads

January 27, 2012
21

If you're waiting for a wake-up call when it comes to Android malware, this might be it. Security software vendor Symantec has published a report claiming that anywhere from one to five million Android phones and tablets may be infected with the Android.Counterclank spyware. The infections spread from thirteen identified apps across three developers, some of which have already been removed from the Android Market, presumably by Google. Most were blatant copies of popular games or vaguely naughty apps.

The Android.Counterclank malware is technically a trojan: it can receive remote commands and send back personal information. It's a serious risk for anyone who has it installed on their hardware. Exact download numbers aren't known, but looking briefly at some of the estimated downloads in the web version of the Android Market, Symantec could very well be correct. This is the largest documented security breach for Android so far, and it doesn't help that the apps are still available for download.

If you've downloaded any of the apps listed below, remove them immediately.You should also change any passwords you have stored on your Android device and check any vital accounts for illicit access.

  • Counter Elite Force
  • Counter Strike Ground Force
  • CounterStrike Hit Enemy
  • Heart Live Wallpaper
  • Hit Counter Terrorist
  • Stripper Touch girl
  • Balloon Game
  • Deal & Be Millionaire
  • Wild Man
  • Pretty women lingerie puzzle
  • Sexy Girls Photo Game
  • Sexy Girls Puzzle
  • Sexy Women Puzzle

Calling this a huge problem is putting things mildly. Some of these apps have been available for months. As great a tool as the relatively open Android Market is, the continual discovery of spyware and malware in widely available apps is a black eye on the Market and Android as a whole. We await Google's reesponse to Symantec's findings with interest.

[via AndroidGuys]


Recent Stories
  • Anonymous

    A company that profits off of malware paranoia posting findings about malware? Shocker. I think this is all crap. Just read the permissions, it is pretty clear. If you download a live wallpaper that wants access to your contacts, you probably have a problem. 

    These antivirus companies are the problem. Scam artists. Symantec probably created the virus.

    • http://www.androidcommunity.com Michael Crider

      Symantec definitely has a motive in reporting this, but that doesn’t make them wrong. The facts are that malware apps are being downloaded directly from the Android Market in huge quantities. 

      • Anonymous

        I keep hearing that but I have never heard of anyone I know getting one and I know a lot of people with android devices. With that said, google is most likely making a pretty penny off of the market. I know a few guys with apps in the market and they have said they have had their app audited before but google should definitely hire more auditors.

      • Missy

        I got this virus shortly after I got my SGS2. I got it from a ringtone download from a ringtone app. After I deleted the ringtone, I stopped getting that crazy search icon popping up. Once I realized how I got it, I uninstalled the app.

      • Missy

        Oh yea, I’d also like to add that at that time I had premium “lookout” service and Norton’s malware thing they have for free. Neither of them caught it.

      • Anonymous

        Any open distribution channel will have it’s risk of malware. It is a trade off for having an open app store where apps cannot be rejected for stupid or anticompetitive reasons. Since applications aren’t required to conform, it allows for greater innovation.

        I think as the OS matures, this is going to become increasingly difficult to do. At this years Pwn2own, android was one of the few mobile platforms that weren’t able to be exploited. IOS took ten minutes. This is because since apple controls everything, the OS doesn’t actually need to be that secure. A jailbroken IOS device is way more succeptable to virus’s than an android.

        I can’t stress enough that when you download an app, take the ten seconds to read the permissions and see what it wants access to.

      • Someone

        Actually, if you just glance at the picture, all its doing its sending your unique id. its not doing anything worse than what legit free apps do / have permission to do.

  • http://www.howdoiuseandroid.com/ How Do i Use Android?

    Anyone who installed an App named “Stripper Touch girl” deserves what they got ;)

  • Daniel C

    https://plus.sandbox.google.com/102392869518782039267/posts/PoGUMmqJDtv
    The Symantec guys are completely blowing this out of proportion. This is not malware, just an overly aggressive ad network. It would have been much more responsible if Symantec would have actually taken the time to reach out to the developers of this software before publishing their press release.

  • anywh

    Just lies…..Android is and always will be 100x safer than windows……for Android doesn’t exist viruses…lbviruses…l

  • Diddolone

    this is a big problem.. .a lot of italian smartphone was infected by this terrible troyan.. but seems is difficult to remove

    http://www.android-htc.it/4329/news/milioni-di-smartphone-android-sono-infettati-e-non-lo-sanno/

  • Wyngo Masala

    Lookout, another well known Android security developer, have argued that this isn’t malware, it’s  just aggressive advertising: 
    http://blog.mylookout.com/

  • B. Clay Shannon

    When the slack-jawed miscreants who infect Android are found, they should be forced to watch endless re-runs of the Brady Bunch until they go madder than any hatter ever.

  • http://twitter.com/kkostov Konstantin Kostov

    more than half of these app titles remind me of the “you are the 9,999,999 visitor, click here to win $10,000,000″ ad we’ve grown so accustomed to online. 

  • Guest_designer

    > As great a tool as the relatively open Android Market is

    “As dangerous a tool for normal people as the relatively open Android Market is” 

  • Hynek Los

    another symantec FUD…. this companies are living from fear…. and they are scared to death by new systems, where are no viruses = no busniess for such companies…

  • BK Alley

    Another attempt to scare people into buying their worthless software. I’ve had more problems from Anti virus programs than I ever did from viruses.
    Anyone ever notice how they come out with a fix the moment a new virus is unleashed? Hmmm
    Norton in particular has never done anything but destroy my computers.

  • Chris Olson

    Here is another similar article, but with comments from Lookout, Symantec’s competitor in the Android AV market:

    http://www.androidcentral.com/android-malware-scare-may-have-been-premature

    BK Alley – Viruses are real, I’ve dealt with thousands of them. No, Symantec / McAfee don’t create them; they don’t have to. I don’t particularly like Symantec AV products (I wont use or recommend them) they aren’t evil, they do generally work, and they are extremely slow and bloated. (Both Symantec and McAfee, generally speaking.)

  • Anonymous

    This seems that these virus collects data about the user of the phone and sends it to attackers.

  • Chris

    I would like to meet the person that installed Deal and Be Millionaire and expected it to be real.

  • http://twitter.com/iBolski Ivan Samuelson

    Nope. Never installed those programs, never would have either. 

    Be smart, people.