Skip to main content

Android Trojan Is Disguised As Google Security Update

Security software maker Symantec has discovered a new Android trojan that is mimicking the recently released Android Market security update released by Google.

The trojan, which is being distributed via third party Android app stores, is a malware injected version of the Market security update released by Google to remove the DroidDream malware from infected Android devices.

Disguised under the name of the original Android Market Security Tool, the trojan is being targeted towards Chinese users of Google's smartphone platform.

Symantec said in a blog post that the trojan was capable of sending text messages to command-and-control servers along with other device information like IMEI number and user mobile number.

“Analysis of the application is still ongoing, however, what is shocking is that the threat’s code seems to be based on a project hosted on Google Code and licensed under the Apache License,” Symantec's Mario Ballano wrote on the blog.

Android's rising popularity the world over is being exploited by hackers, who are bent upon duping users into downloading genuine and harmless sounding apps, which are in fact injected with malware. Recent statistics released by Gartner show that 67 million Android-based devices were sold last year.