DroidKungFu Malware Levels up- Can now go Unnoticed

DroidKungFu, a recent malware present in the Android market, was bad enough with its ability to infiltrate your device, jack your personal data, and take it a step further by having complete control over your gadget.

Well, the malicious software has turned it up a notch and has developed the ability to sneak past detection, making it harder to catch. The upgrade has even let it slip under the noses of some leading anti-virus software.

As long as users are careful and try to stay as far away from non official application markets, the risk can still be managed.

New Trojan Found by Lookout; Hides in Advertisements

It looks like we’ve got another Trojan spotted by Lookout Mobile Security. This malware, dubbed GGTracker, automatically enrolls you into paid SMS subscriptions.

How does this happen? Well first, the victim clicks on an in-app advertisement, which transports them to a malicious webpage disguised as an imitation Android Market. The page offers some variation of a sexy app or battery life improvement and offers it up for a free download. While your installing the “app” the trojan is operating seperately in the background and registering you for the premium SMS services.

The official Lookout blog says they haven’t seen it on the real Android Market, and they ever so subtly recommend you download a security service for your phone (they also mention that their premium and free customers are protected from his particular trojan).

Another option to avoid the trojan is to be careful not to trust unreliable application pages, and check the URL to avoid mistaking the fake page as the real market.


More Malware Infected Apps Plucked From Market

Only a few days after a lengthy list of malware-infected applications was discovered, another handful was found.
Google has eliminated ten more apps from the Android Market after an assistant professor in computer science at North Carolina State University, Xuxian Jiang, noticed the threat.

What’s different about this malware- dubbed “Plankton” by Jiang- is it’s method of pushing itself onto your phone. Plankton needs no vulnerability or weak spot to root itself and take over, just a simple installation.

What guise did each of all ten apps present itself under? None other than everyone’s favorite Rovio game; fake Angry Bird updates and add-ons were the vessels in which Plankton was delivered. Once hacked, Plankton could harvest all the phones data and expose it to even more damage to the operating system.

As mentioned, Google has already taken the harmful apps off the store and added it to their ever expanding list of Malware infections.

Malware Detected on Android Market

Lookout Mobile Security has suspected DroidDream’s developers to be crafting new apps to cause harm on Androids.

Lookout blogged, “Multiple applications available in the official Android Market were found to contain malware that can compromise a significant amount of personal data.”

They suspect the Malware was developed by the same creators of of DroidDream a few months back.
“Applications were found to be infected with a stripped down version of DroidDream we’re calling “Droid Dream Light” (DDLight).”

Listed below and on Lookout’s Blog are apps that have been suspected and/or removed due to infestation.

Magic Photo Studio

Sexy Girls: Hot Japanese
Sexy Legs
HOT Girls 4
Beauty Breasts
Sex Sound
Sex Sound: Japanese
HOT Girls 1
HOT Girls 2
HOT Girls 3
Mango Studio

Floating Image Free
System Monitor
Super StopWatch and Timer
System Info Manager
E.T. Tean

Call End Vibrate

Quick Photo Grid
Delete Contacts
Quick Uninstaller
Contact Master
Brightness Settings
Volume Manager
Super Photo Enhance
Super Color Flashlight
Paint Master


Quick Cleaner
Super App Manager
Quick SMS Backup
UPDATE: An additional de


Bubble Buster Free
Quick History Eraser
Super Compass and Leveler
Go FallDown !
Solitaire Free
Scientific Calculator

Beware: Android Market Security Tool Gets Malicious Impersonators!

Earlier this week, we posted an article regarding Google launching a new security tool which would help protect your Android device against intrusive malware of sorts. Although it wasn’t absolutely necessary for anyone to actually go out and download this app, since Google was set to use the same tool themselves, to do an automatic security check. Despite that fact, it still made many people feel more secure about their devices.

With that said, it’s now being suggested that it’s better to just not even download the Security Tool from the Market, because there’s alternate versions of the app which actually contain new malware and viruses. When does it end?! If you haven’t been affected, or are worried as to what to do to prevent yourself from getting any kind of malware on your device. DO NOTHING! If you’re not having problems, then it’s best you don’t try and take any further measures to protect yourself because: Google will do that for you!

[VIA] Phandroid

Attached files

Android-Market-Security.jpg (58.5 KB) 

Google Launches Security App in Android Market; Fixing Malware Issues

With all the ruckus over malware on Android last week, we figured it was only a matter of time before Google stepped in and did something about it. The issue only affects those running Android versions under 2.2.2, but that still leaves a good portion of the Android community at risk. The company released a statement indicating exactly what measures they are taking to fix the issue, and to help make sure this kind of problem doesn’t happen again.

  1. We removed the malicious applications from Android Market, suspended the associated developer accounts, and contacted law enforcement about the attack.
  2. We are remotely removing the malicious applications from affected devices. This remote application removal feature is one of many security controls the Android team can use to help protect users from malicious applications.
  3. We are pushing an Android Market security update to all affected devices that undoes the exploits to prevent the attacker(s) from accessing any more information from affected devices. If your device has been affected, you will receive an email from [EMAIL=android-market-support@google.com]android-market-support@google.com[/EMAIL] over the next 72 hours. You will also receive a notification on your device that “Android Market Security Tool March 2011” has been installed. You may also receive notification(s) on your device that an application has been removed. You are not required to take any action from there; the update will automatically undo the exploit. Within 24 hours of the exploit being undone, you will receive a second email.
  4. We are adding a number of measures to help prevent additional malicious applications using similar exploits from being distributed through Android Market and are working with our partners to provide the fix for the underlying security issues.

If it makes you feel any safer, Google launched a tool in the Android Market you can grab that helps remove the no-goods from your device, so be sure to check that out. We have to get used to these kinds of things in the open world of Android!

[VIA] DroidLife

Attached files

android-market-security-600×337.jpg (21.1 KB)