Last week Symantec made a splash by declaring that somewhere between 1 and 5 million Android users were infected with the Android.Counterclank software, classifying it as a Trojan and declaring it malware. Almost immediately skeptics questioned the validity of Symantec’s conclusions, notably competing security vendor Lookout Mobile. Lookout declared that while the 13 apps were questionable from a privacy standpoint, the Android.Counterclank API used within was aggressive adware, not malware. Yesterday Symantec retracted their original claims in a blog post, noting that while the advertising in question is aggressive, it doesn’t meet the definition of “malicious”.
Further laying out exactly what Android.Counterclank does, Symantec notes that the applications are generally undesirable, but not inherently dangerous. Considering Symantec’s poor public image as of late (including malfunctioning desktop programs and compromised code) this episode isn’t doing the company any favors. Advanced users are already wary of alarmist declarations from security vendors, and though the malware threat for Android is growing, many consider it overblown, especially when compared to Windows and other desktop operating systems.
All that being said, the thirteen applications that use Android.Counterclank should be avoided on general principles. The advertising that they employ goes way beyond the run-of-the-mill banner ad. Here’s just a few of the “aggressive” methods the apps in question use to try and get your dollars: setting a shortcut on your home screen, adding bookmarks to your browser app, reassigning the home page of the browser app, and sending unwanted web pages to your phone with a push notification system. We won’t link to the apps themselves, as many of them are still available on the Market, but if you’ve downloaded any of the apps on the original list, you’ll want to uninstall them immediately. Considering the rather crass nature and poor quality of the apps, you’ll probably want to do so anyway.