8 Notorious Android Malware Attacks - InformationWeek


Nearly a third of Android users will fall prey to mobile security threats this year. Here's a look at some of the worst Android malware attacks we've seen so far.

As smartphones penetrate every segment of the market, mobile malware is on the rise. And according to a new threat report from Lookout Mobile Security, Android is taking the brunt of the attacks.

The Achilles heel of Android security is also a source of strength for the platform, as the open marketplace model that Google has used to propel its mobile OS to global prominence serves as an open vector for an array of malware attacks. Here are eight of the most pernicious malware threats Android has suffered so far.

1. Fake Banking Apps

In 2009, while the Android Market was still in its infancy, a user known as Droid09 uploaded several phony online banking apps to lure customers of major banking institutions into entering their online account logins. "Informed of this, Google quickly removed them," said Robert Vamosi, senior analyst at Mocana and author of When Gadgets Betray Us.

2. Android.Pjapps

Early in 2010, sly attackers downloaded legitimate programs from the Android Market, infected them with the Android.Pjapps malware, and then redistributed the modified versions on third-party Android marketplaces. The objective, according to Symantec, was to steal information from infected devices and enroll the device in a botnet that then launched attacks on websites to steal additional data and infect more devices. It also sent costly SMS messages.

3. Android.Geinimi

While not too worrisome for North American users, the Trojan horse known as Geinimi corrupted a number of legitimate Android games on Chinese download sites, and added infected devices to a mobile botnet.

4. AndroidOS.FakePlayer

While relatively ineffective against U.S.-based targets, the AndroidOS.FakePlayer threat demonstrated how easily an attacker could steal from users without their knowledge. As Symantec explained, "This malicious app masquerades as a media player application. Once installed, it silently sends SMS messages (at a cost of several dollars per message) to premium SMS numbers in Russia." Fortunately, it didn't work on wireless networks outside of Russia, so the actual damage was minimal for North American wireless customers.

5. DroidDream (aka Android.Rootcager)

One of the most nefarious malware campaigns addressed in Lookout's Mobile Threat Report, DroidDream infected roughly 60 different legitimate apps in the Android Market and infected hundreds of thousands of users in the first quarter of 2011. The malware added infected devices to a botnet, breached the Android security sandbox, installed additional software, and stole data.

6. Android.Bgserv

Shortly after Google deployed a tool for users to clean up devices that had become infected with DroidDream, malware authors got clever and, according to Symantec, "attackers capitalized on the hype and released a malicious fake version of the cleanup tool." Known as Android.Bgserv, this somewhat less dangerous bit of malware stole device data, such as the phone's IMEI number and phone number, and uploaded it to a server in China.

7. GGTracker

As Android threats continue to evolve, malware creators are getting increasingly clever about luring users into downloading their malicious creations. In June of this year, a threat called GGTracker presented users with a mobile Web page designed to look like the official Android Market, and prompted them to download a phone battery-saving app. Once installed, the app sent premium SMS messages from users' phones, charging rates of up to $40 per message.

8. DroidKungFu

In an emerging malware distribution tactic known as an update attack, malware creators weasel their way into the app store with a legitimate app, wait for a significant number of users to install it, and then inject malware into the app via an over-the-air update. The first known example of this, DroidKungFu, was thwarted before it could infect users on the official Android Market. Security analysts at Lookout spotted it on Chinese markets, and then noticed the same writers attempting to post it to the Android Market. Lookout notified Google, and the app was immediately rejected.
