Millions caught up in Android botnet

More malware found lurking in the official Google Android market.
Security firm Symantec has uncovered a massive botnet that may have lured millions of unwitting Android users into downloading malware infected apps from the official Google Android Market.

The Trojan, dubbed 'Android.Counterclank' by Symantec, was packaged into at least 13 free games published by three different publishers on the official app download site. The following apps are known to be affected:

Published by iApps7 Inc:

  • Counter Elite Force
  • Counter Strike Ground Force
  • CounterStrike Hit Enemy
  • Heart Live Wallpaper
  • Hit Counter Terrorist
  • Stripper Touch Girl

From publisher Ogre Games:

  • Balloon Game
  • Be Millionaire
  • Wild Man

From publisher redmicapps:

  • Pretty women lingerie puzzle
  • Sexy Girls Photo Game
  • Sexy Girls Puzzle
  • Sexy Women Puzzle

According to Symantec researcher Irfan Asrar, Counterclank is capable of carrying out commands received from a remote server and is capable of both stealing information from, and displaying ads on, infected Android handsets.

According to Symantec, Counterclank has the highest distribution of any Android malware identified so far this year.

Back in December of last year I wrote about six problems that was facing Android that Google was doing nothing to address. One of those issues was security, both the lack of decent security tools and the increasing proliferation of malware appearing in the official Google Android Market. It seems clear that Google's idea of curating the official download site is to limited to cleaning up toxic spills rather than preventing them in the first place. This process doesn't seem to be working and is putting user's data at risk.

It's time Google started taking security much more seriously.


Editorial standards