New Android malware threat: over 100,000 devices infected so far
Malware on Android devices is a real and growing threat, and one that is only likely to worsen. The latest Trojan to be found in the wild is a particularly nasty piece of coding named MMarketPay.A by TrustGo, the mobile security company that discovered it. Believed to have infected more than 100,000 smartphones in China, the Trojan downloads paid apps and videos from Mobile Market (M-Market), China Mobile’s official app store, without the user’s knowledge, resulting in some pretty hefty bills.
The malware is picked up by downloading infected apps from one of nine app stores (nDuoa, GFan, AppChina, LIQU, ANFONE, Soft.3g.cn, TalkPhone, 159.com and AZ4SD) and once installed on a device, it bypasses M-Market’s SMS security step, and begins placing orders and downloading content.
While the chances of it actually spreading beyond China are slim -- unless you choose to download your apps from Chinese stores -- it’s another example of how malware creators are targeting Google’s mobile OS, and another reason why you should avoid downloading apps from any other sources besides Google Play.
Because Apple’s ecosystem is more locked down, and officially prohibits side-loading apps, it’s far less likely you’ll pick up an infected app on an iOS device, but not impossible. Apple and Google both removed the Russian-language Find and Call app from their respective stores last week, following a tip-off from Kaspersky Labs that it was stealing users’ phone books and spamming their contacts.
How worried are you about the growing threat of malware on mobile devices?