A security researcher has discovered a new malicious code on the Android Market that was circulating in some apps. The code is called Plankton and was discovered inside some apps related to Angry Birds. The malicious code ran as a background service making it hard to discover. The goal of the app appears to have been an attempt to give some unidentified user access to an Android device remotely.

NC State University professor of computer science Xuxian Jiang discovered the code. The malicious code in Plankton was different from other similar code in that it didn’t use exploits on the device to get root access to the OS. Researcher Andrew Brandt said, “Instead, the remote commands simply give an unknown criminal access to what some may consider sensitive data on the phone, including the browser history, bookmarks, and homepage settings in the built-in Android browser.”

Google has moved quickly and has already suspended several apps that were found to use the code. It’s not clear what the goal of the person or group that circulated the malware laced apps was at this point. Jiang found ten infected app on the Market.

[via ITPro]

4 COMMENTS

  1. I don’t know but it seems that Google needs to do something. Possibly develop something that can monitor an apps activities then have someone use the new app to see what it really does. Once a developer has proven to be trustworthy they wouldn’t really have to check their apps. . . only these new fly by night devs that show up and throw this junk on the market. 

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.