31
May
android-virus-1

Lookout Team Pegs 25 Android Market Apps Infected With DroidDreamLight Malware

Posted by in News

Remember DroidDream - one of the worst malware apps that we've seen since Android's inception? Well, it appears that the developer of said malware is back at it again, with a  reported 25 infected apps (so far) found in the Android Market. Dubbed DroidDreamLight by the Lookout Security team, this infection is a stripped down version of its predecessor. Make no mistake, though - that doesn't mean it's any less malicious.

This malware was actually found by a developer of one the infected apps, when he noticed that a modified version of his own apk was being distributed in the Android Market.

09
Mar
android_market

PSA: Infected "Android Market Security Tool March 2011" App Floating Around

Posted by in Applications, News

It seems evil-doers' depravity knows no bounds: we've just heard word from Symantec that an infected version of Google's Android Market Security Tool March 2011 is floating around the "black markets" - meaning it's not in the Android Market, but it is floating around the 'net in APK form. Luckily, it's not nearly as bad as DroidDream (the malware it was designed to remove), but it's malware nonetheless.

Specifically, Justin says it's closely related to (or possibly the same as) "Fake 10086" malware. Asian users seem to be getting the brunt of it, and it collects information such as IMEI, phone number, and other minor tidbits, which it then uploads to this site.

06
Mar
android_soldier

[Updated] Google Acknowledges DroidDream: Remotely Wiping Apps, Removing Exploit, Making Changes To Prevent It From Happening Again

Posted by in Android OS, Apps/Games, News

Google continues to be admirably quick to react to DroidDream, the nasty Android Trojan we helped uncover on Tuesday. After removing the offending apps from the Market in just a few minutes of finding out about them, a new post on the Google Mobile Blog reveals that they're now ready to take further steps.

Update: The tool Google is using to bulldoze DroidDream malware off your phone has surfaced in the Android Market: Android Market Security Tool. From the app's description:

"There is no need to download and install this application on your own.

This is an Android Market security update that undoes exploits caused by the malicious applications that were removed from Android Market on 03/01/2011.

02
Mar
android-virus-1

Updated: DroidDream Is Bad - But We Think We Found Something Even Worse (Maybe)

Posted by in Android OS, News

Update: After having a back and forth with Android Security, there's some disagreement as to just how malicious these apps we linked in this post are. We may have jumped the gun here, so hold tight, and we'll keep you informed.

First off, no, we're not trying to be sensationalist. And I'll admit up front that we're a bit light on details at the moment, but we've got a guy who is a professional, seasoned coder, and that's not the type of guy whose opinion you ignore. With that said: yes, we really think that we found something worse.

Among the flood of (mostly) related security/piracy tips we received in the wake of the DroidDream discovery was something that was worth a closer look: two more developers who were putting up more stolen apps.

02
Mar
evil_android

[Update: Plug The Hole Yourself] Malware Monster: DroidDream Is An Android Nightmare, And We've Got More Details

Posted by in Android OS, News
Last Updated: March 6th, 2011

Update: Google has officially acknowledged DroidDream and is taking further steps to correct it. Details can be found here: Google Acknowledges DroidDream: Remotely Wiping Apps, Removing Exploit, Making Changes To Prevent It From Happening Again.

Wow - from our perspective, it's almost like the world exploded overnight. We have more information and details on the virus - which Lookout has named "DroidDream" (the word was consistently used in package names by the malware developers) - and some updates on where things stand.

First, we're absolutely amazed at how quickly Google reacted. As mentioned last night, our own Justin Case pinged a contact and the apps were pulled from the market within minutes.

01
Mar
andy_trojan

The Mother Of All Android Malware Has Arrived: Stolen Apps Released To The Market That Root Your Phone, Steal Your Data, And Open Backdoor

Posted by in Android OS, News
Last Updated: March 6th, 2011

Update 2: Google has officially acknowledged DroidDream and is taking further steps to correct it. Details can be found here: Google Acknowledges DroidDream: Remotely Wiping Apps, Removing Exploit, Making Changes To Prevent It From Happening Again

Update: For more details on DroidDream, check out out the follow-up post. It includes more information about the virus and how it works, who's to blame, and provides a link to a flashable .ZIP that prevents the virus from working.

Openness - the very characteristic of Android that makes us love it - is a double-edged sword. Redditor lompolo has stumbled upon a perfect example of that fact; he's noticed that a publisher has taken "...