Android Dropdialer Trojan poses as games on Google Play
It’s a new day, but not quite so new malware on Google Play. Symantec caught a Trojan posing as game titles Super Mario Bros and GTA 3 Moscow City on the Android app store. Uh-oh, they had been up on the market since June 24, infiltrating somewhere between 50,000 – 100,000 smart phones, says Symantec's Irfan Asrar. "We would like to thank Android Security for immediately revoking the threat after we notified them of this discovery".
Both of the game apps are the Trojan known as Dropdialer. Once it gains access to a phone, the Trojan pulls in another package called Activator.apk through Dropbox. Then it goes ahead and wreaks havoc by sending texts to premium-rate text numbers. "The premium SMS is targeting Eastern Europe", Asrar says. Then, in the most subtle manner, the malware gets rid of the secondary payload by effectively removing all traces of what it has been doing.
Google Bouncer is unable to sniff it out because the payload was broken up into several pieces. Dropdialers typically have a pattern of being disguised as popular apps, or free versions of popular paid apps. They confuse users by providing vague information during the installation phase as a result of which the user ends up granting access permissions to the app, which it later exploits with great ease.
Concerns about Android spyware and malware are rising. Trojan MMarketPay.A has infected at least 100,000 smartphones in China. Trend Micro reported earlier this month that it had found an excess of 5,000 apps that do nothing but target Android users. Trend Micro paints a gruesome picture when it comes to the Android front, predicting that fourth quarter will witness over 130,000 malware apps. In light of this unsettling prediction, Symantec’s discovery only further augments the noise the alarm bells are incessantly sounding off for Android users.
Compare with Apple, whose playfield may be infiltrated by malware only to be kicked out as soon as it gets in. Google, on the other hand, seems to take things a little too casually when it comes to malware. For two separate harmful apps to stay on the market for a few weeks is confusing. Considering the pace at which Android is growing in popularity with smartphone users, shouldn't Google take Android security more seriously? It’s one thing to not be able to keep malware out of the Google Play arena, it’s a whole other world of failure to be unable to remove it once it gets through.
Malware can do a plethora of dangerous things including spy on one’s emails, pictures, videos, texts, calls etc. You name it and malware apps can pretty much steal it from your phone.
"The vast majority of malware finds its way onto users’ phones via social engineering schemes", Axelle Apvrille, Fortinet senior antivirus analyst and researcher, says. "In short, cyberthugs find ways to impersonate legitimate looking apps and SMS messages in order to compel users to open and install malicious code onto their devices".
And the 50 percent share of the market that Android has only makes the situation scarier. Think of it like this: Half of smartphone users put their private data and information up for grabs, by doing nothing except using Android.
Photo Credit: Symantec
Natalia David blogs for mobistealth, an author who significantly contributes towards computer and cell phone monitoring, android spyware and smartphones. If you want to know more about her you can follow her on twitter @NataliaDavid4