Android smartphone owners are being advised to stay vigilant and on the lookout for new evidence of increased malware intrusions, say Symantec researchers. One piece of malware called ‘Android.Pjapps’ has back door capabilities designed to target Android-based smartphones and hides within the Steamy Window app, which was not a porn search portal when we last checked.
Researchers on the Symantec blog point out that for some smartphone users new to the world of apps, it may prove difficult to disntinguish between the legitimate version and the infected malware variation. According to researcher Mario Ballano, the aim of Android.Pjapps is to build a botnet controlled by command and control (C & C) servers and then cause the usual havoc with the target’s phone details. It’s worth noting that the apps were not downloaded from the genuine Android Market. They were from an unregulated third-party Android marketplace.
Look carefully: It’s not too hard to tell the difference between the real app and the malware infected version if you’re paying attention to key areas such as the title and what functionalities the app will approve. Image credit: Symantec
Guitar app called ‘Mother of all malware’ threats
In another example of Android malware benefiting from the lax security offered by unverified apps hitting the Android market, a crafty piece of malware contains a binary root exploit capable of doing similar damage as the Android.Pjapps code has been discovered recently. According to Android Police, the malware is hidden in an app that tried to emulate the popular Guitar Solo Lite with an app called ‘Super Guitar Solo’, in addition to 21 other apps that have been downloaded more than 50,000 times reports the Android watch dog (and all have since been removed).
The nature of these Android threats typically allow attackers to take control of a person’s phone, by capturing IMEI data and hijacking the phone in order to dial premium SMS services and push ad campaigns offered by dubious third parties. Food for thought if you’re hanging around the Android Market next time.
Update:
[via Symantec and Android Police]