The Register® — Biting the hand that feeds IT


Android Trojan leaves 100,000 users out of pocket

MMarketPay buys content from China Mobile's app store


Security researchers are warning of yet another Android malware outbreak, which has spread to nine app stores and infected 100,000 users with code designed to covertly purchase apps and content from China Mobile’s Mobile Market.

Mobile security firm TrustGo explained that the MMarketPay.A Trojan could be hidden in a number of legitimate-looking applications, including those from Sina and media streaming company Funinhand, as well as travel and weather apps.

The malware has already been placed in nine different third-party Android app markets in China, infecting over 100,000 users, the firm said.

Once downloaded, the Trojan will automatically place orders for paid content and apps at China Mobile’s official Mobile Market online store without informing the user.

It is able to intercept China Mobile’s verification SMS and post the code to the Mobile Market web site in order to complete the purchase, said TrustGo.

If a CAPTCHA is triggered at this stage, the malware will apparently send the relevant image to a remote server for analysis.

The advice from the security experts at TrustGo is for users to only download Android apps from trusted app stores and to have some form of real-time mobile security scanner installed on their device to prevent any dodgy downloads.

Visiting an apparently legit app store is no guarantee you’re going to get a malware-free experience, however.

Malware frequently turns up on the official Android marketplace, Google Play – although admittedly less frequently than on some of the more dubious third-party sites.

The latest discovery came at the tail end of last week when researchers found malware that lifts the victim’s location data and address book info.

China in particular has been a hotbed of malicious Android activity for some time.

In April, the Chinese authorities were forced to publicly reprimand the country’s two biggest mobile carriers, China Mobile and China Telecom, after uncovering “many problems” in their respective app stores.

Globally too, Android continues to be a favourite with cyber criminals.

Security firm Trend Micro is predicting the discovery of 129,000 malicious apps by the end of the year and has compiled this handy infographic detailing the main threats. ®


Anonymous Coward

Double standards?

Take an Android phone, deactivate the option to only install from the official Android market, go to unofficial store, download software, get a trojan, all Google's fault.

Take an iPhone, jailbreak it, go to unofficial app store, download software, get a trojan, not Apple's fault at all, you jailbroke it, all your fault.

Android security isn't perfect, but at least I can see what permissions an app wants before I install it, and can make an informed choice as to whether I want to install it.

Can iPhone users be so sure that not one of the hundreds of thousands of apps on the App Store is unsafe and doing something nefarious? It's been shown that malware can be put in there, both as a proof of concept and an actual real app. How many more? Do you really think that millions of iPhones containing all sorts of private data are not a juicy target for criminal gangs the world over?


Face palm

The numbers are scary. No doubt.

The fact that they're published in such a pretty infographic form by a security company with an anti virus app for sale is, well, funny. AV on Android is mostly useless because these apps are themselves subject to sandboxing, meaning they can't scan other app folders or system folders.

http://www.extremetech.com/computing/104827-android-antivirus-apps-are-useless-heres-what-to-do-instead/2

Also, there are intrinsic platform design problems in Android, like allowing any app to copy photos without the user's permission. It's great that Google intended to emulate a PC experience, but what AV software is going to determine whether doing this is legit or not?!?

http://bits.blogs.nytimes.com/2012/03/01/android-photos/


What is the name of the app

What are these alternative stores and what is the name of the app? A little bit more information would have been a lot more serious.
