Trend Micro researcher spots Android malware in third-party markets

According to Lion Gu, Trend Micro recently found Android malware masquerading as a variety of malware applications in a China-based Android market.

“The samples we were able to acquire come as a love test application, an ebook reader, and a location tracker”, he said, adding that it was immediately noticeable that the apps did more than they are supposed to, based on the permissions they requested.

The notable feature of ANDROIDUS_LUVRTAP.B is that it automatically executes once the Android device is rebooted, says Gu, addng that, as it executes and retrieves the users mobile phone credentials, then relays this to a distant website.

The app has also been seen, says Gu, generating premium rate text messages and so racking up a large bill on the users' account.

“The apps have been taken down from the app store. However, users are strongly advised to be extremely meticulous when it comes to installing applications into their devices. Take note of their description, make sure the permission requests are valid, and watch out for any suspicious routines such as the automatic sending of SMS messages”, he explains in his latest security posting.

Gu's warning comes as Google has announced plans to bring forward the released date for Android 4.0 (aka Ice Cream Sandwich), the successor to Android 3.0, aka Honeycomb.

Although the complete set of new features and enhancements are said to number more than 500, sources suggest that Android 4.0 will see the arrival of a far more security-enabled architecture, as well as unifying the tablet and smartphone user community with single user interface.

What’s Hot on Infosecurity Magazine?