Android Malware Infects Millions of Users

Malware might have infected more than 5 million Android mobile devices via deliberately corrupted apps sold in the Android Marketplace, according to security firm Symantec.

The malware, code-named "Android.Counterclank," is a Trojan that steals information and can download additional malicious files. According to Symantec, the Trojan has been identified in 13 different apps in the Android Marketplace.

"For each of these malicious applications, the malicious code has been grafted on to the main application in a package called 'apperhand'," wrote Symantec, in a blog post. "When the package is executed, a service with the same name may be seen running on a compromised device. Another sign of an infection is the presence of the Search icon above on the home screen."

The 13 apps hiding the malware are: Counter Elite Force, Counter Strike Ground Force, CounterStrike Hit Enemy, Heart Live Wallpaper, Hit Counter Terrorist, Stripper Touch Girl, Balloon Game, Deal & Be Millionaire, Wild Man, Pretty Women Lingerie Puzzle, Sexy Girls Photo Game, Sexy Girls Puzzle and Sexy Women Puzzle.

While rival app stores such as Apple's iTunes and Microsoft's Zune Marketplace have instituted a strict testing protocol for all new software entries, Google's relatively lax quality control and open source platform can lead to higher numbers of malicious applications being included compared with its competitors.

Many security researchers, including a team from Georgia Tech, have forecasted a huge rise in malware hitting the Google platform due both to its open source platform and the large target it presents for attackers. Google owns 52.5 percent of the smartphone market share, according to Gartner.

Symantec stated it had notified Google of the apps hiding malicious code. However,  many of the infected entries were still available on the Android Market as of Friday afternoon.

Symantec alerted the public and Google of its findings today. However, many user reviews for the apps in question have been pointing out the issues.

"Kept the game, accidently started it again today and somehow ended up with a WRAPPIO - NOTIFICATION BAR - AD SPAM issue, and a strange (fake) market icon, wrote user Albione, in a review for Counter Elite Force. 'Downloaded AirPush Detector after looking at a couple forums. Flagged right away. Uninstalled immediately. Hoping it resolves the issue, but just Uninstalled…'."

For removal of the malware, Symantec is advising smartphone users to uninstall the infected applications and run a mobile antivirus program. Norton offers a free 90-day trial to its Norton Mobile Security application, which can be downloaded here

About the Author

Chris Paoli is the site producer for and


  • Microsoft Offers Endpoint Configuration Manager Advice for Keeping Remote Clients Patched

    Microsoft this week offered advice for organizations using Microsoft Endpoint Configuration Manager with remote Windows systems that need to get patched, and it also announced Update 2002.

  • Azure Edge Zones Hit Preview

    Azure Edge Zones, a new edge computing technology from Microsoft designed to enable new scenarios for developers and partners, emerged as a preview release this week.

  • Microsoft Shifts 2020 Events To Be Online Only

    Microsoft is shifting its big events this year to be online only, including Ignite 2020.

  • Microsoft Browser Support for TLS 1.0 and 1.1 Ending 2H 2020

    Microsoft announced on Tuesday that its plans to drop support for Transport Layer Security (TLS) protocols 1.0 and 1.1 in its browsers will get delayed by a few months until the second half of this year.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.