Our website uses cookies

Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing Infosecurity Magazine, you agree to our use of cookies.

Okay, I understand Learn more

200,000 Android smartphones may be infected with malware

A Symantec researcher says Android users may have downloaded between 50,000 and 200,000 infected apps
A Symantec researcher says Android users may have downloaded between 50,000 and 200,000 infected apps

According to the Android Police portal, a number of apps were downloaded, recoded with the DroidDream malware, and then re-uploaded for free downloading, for a period of up to four days before Google realised and took the apps down from the Market.

Android Police says that the DroidDream malware appears to have triggered an infection on Android handsets, centering on a well-known root exploit. The site has posted a zip file that, when installed, will stop the malware from executing.

Joji Hamada, a security researcher with Symantec, claims that the malware is capable of rooting the smartphone, harvesting data, and/or opening a backdoor.

"We have been seeing a lot of this as of late – threats like Android.Geimini and Android.Pjapps – where the authors release them on unofficial Android marketplaces", he said.

Hamada says that between 50,000 to 200,000 downloads took place within a four-day time frame that the apps were made available.

The malware, he adds, includes Android.Rootcager, an executable that "roots the phone without user consent to perform various activities."

"DownloadProvidersManager.apk is dropped by the malware to monitor installed applications and download additional packages of code as a background service", he said in his latest security blog.

"The malware also attempts to record IMEI and IMSI numbers, which are used to identify mobile phones, and upload the data to an external website", he added.

What’s Hot on Infosecurity Magazine?