Android Malware Infects Millions of Users

Malware might have infected more than 5 million Android mobile devices via deliberately corrupted apps sold in the Android Marketplace, according to security firm Symantec.

The malware, code-named "Android.Counterclank," is a Trojan that steals information and can download additional malicious files. According to Symantec, the Trojan has been identified in 13 different apps in the Android Marketplace.

"For each of these malicious applications, the malicious code has been grafted on to the main application in a package called 'apperhand'," wrote Symantec, in a blog post. "When the package is executed, a service with the same name may be seen running on a compromised device. Another sign of an infection is the presence of the Search icon above on the home screen."

The 13 apps hiding the malware are: Counter Elite Force, Counter Strike Ground Force, CounterStrike Hit Enemy, Heart Live Wallpaper, Hit Counter Terrorist, Stripper Touch Girl, Balloon Game, Deal & Be Millionaire, Wild Man, Pretty Women Lingerie Puzzle, Sexy Girls Photo Game, Sexy Girls Puzzle and Sexy Women Puzzle.

While rival app stores such as Apple's iTunes and Microsoft's Zune Marketplace have instituted a strict testing protocol for all new software entries, Google's relatively lax quality control and open source platform can lead to higher numbers of malicious applications being included compared with its competitors.

Many security researchers, including a team from Georgia Tech, have forecasted a huge rise in malware hitting the Google platform due both to its open source platform and the large target it presents for attackers. Google owns 52.5 percent of the smartphone market share, according to Gartner.

Symantec stated it had notified Google of the apps hiding malicious code. However,  many of the infected entries were still available on the Android Market as of Friday afternoon.

Symantec alerted the public and Google of its findings today. However, many user reviews for the apps in question have been pointing out the issues.

"Kept the game, accidently started it again today and somehow ended up with a WRAPPIO - NOTIFICATION BAR - AD SPAM issue, and a strange (fake) market icon, wrote user Albione, in a review for Counter Elite Force. 'Downloaded AirPush Detector after looking at a couple forums. Flagged right away. Uninstalled immediately. Hoping it resolves the issue, but just Uninstalled…'."

For removal of the malware, Symantec is advising smartphone users to uninstall the infected applications and run a mobile antivirus program. Norton offers a free 90-day trial to its Norton Mobile Security application, which can be downloaded here

About the Author

Chris Paoli is the site producer for and


  • Microsoft Nabs IoT Platform Provider Express Logic

    As part of its plan to invest $5 billion in IoT technologies, Microsoft this week acquired Express Logic, which provides real-time operating systems for industrial embedded and IoT devices.

  • Dealing with Broken Dependencies in SCVMM

    Brien shows you how to resolve some broken, template-related dependencies in Microsoft's System Center Virtual Machine Manager.

  • AzCopy Preview Adds AWS S3 Data Transfer Improvements

    Microsoft announced this week that it has improved the preview version of its AzCopy tool to better handle Amazon Web Services (AWS) S3 data.

  • Microsoft Adding Google G Suite Migration in Exchange Admin Center

    Microsoft's Exchange Admin Center will be getting the ability to move Google G Suite calendar, contacts and e-mail data over to the Office 365 service "in the coming weeks."

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.