A security researcher has discovered a new malicious code on the Android Market that was circulating in some apps. The code is called Plankton and was discovered inside some apps related to Angry Birds. The malicious code ran as a background service making it hard to discover. The goal of the app appears to have been an attempt to give some unidentified user access to an Android device remotely.
NC State University professor of computer science Xuxian Jiang discovered the code. The malicious code in Plankton was different from other similar code in that it didn’t use exploits on the device to get root access to the OS. Researcher Andrew Brandt said, “Instead, the remote commands simply give an unknown criminal access to what some may consider sensitive data on the phone, including the browser history, bookmarks, and homepage settings in the built-in Android browser.”
Google has moved quickly and has already suspended several apps that were found to use the code. It’s not clear what the goal of the person or group that circulated the malware laced apps was at this point. Jiang found ten infected app on the Market.