Remember DroidDream - one of the worst malware apps that we've seen since Android's inception? Well, it appears that the developer of said malware is back at it again, with a reported 25 infected apps (so far) found in the Android Market. Dubbed DroidDreamLight by the Lookout Security team, this infection is a stripped down version of its predecessor. Make no mistake, though - that doesn't mean it's any less malicious.
This malware was actually found by a developer of one the infected apps, when he noticed that a modified version of his own apk was being distributed in the Android Market. He reported this incident to Lookout, who then inspected the code and found code associated with DroidDream had indeed been implanted into it. Upon further inspection, the Lookout Team discovered 24 more apps that were being redistributed with the DroidDreamLight code injected into them - infecting an estimated 30,000-120,000 users so far.
DroidDreamLight goes into action when an infected device receives an incoming call, collecting IMEI, IMSI, Model, SDK Version, and information about installed packages and uploads that information to remote servers, according to the Lookout Blog. DroidDreamLight does have the ability to download packages, but unlike its predecessor, it can't actually perform an update without the user acknowledging and approving the action.
Users of Lookout Mobile Security (free or light) are already protected from this infection, and you can rest assured that Google has already taken appropriate measures to prevent it from spreading any further - all of the apps in question have been removed from the Android Market until further investigation has been completed.
As far as the infected apps are concerned, here is the list provided by Lookout Mobile:
Magic Photo Studio
- Sexy Girls: Hot Japanese
- Sexy Legs
- HOT Girls 4
- Beauty Breasts
- Sex Sound
- Sex Sound: Japanese
- HOT Girls 1
- HOT Girls 2
- HOT Girls 3
Mango Studio
- Floating Image Free
- System Monitor
- Super Stopwatch and Timer
- System Info Manager
E.T Team
- Call End Vibrate
BeeGoo
- Quick Photo Grid
- Delete Contacts
- Quick Uninstaller
- Contact Master
- Brightness Settings
- Volume Manager
- Super Photo Enhance
- Super Color Flashlight
- Paint Master
The Lookout Team went on to give some good advice on how to stay safe from malicious software:
- Only download apps from trusted sources, such as reputable app markets. Remember to look at the developer name, reviews, and star ratings.
- Always check the permissions an app requests. Use common sense to ensure that the permissions an app requests match the features the app provides.
- Be alert for unusual behavior on your phone. This behavior could be a sign that your phone is infected. These behaviors may include unusual SMS or network activity.
- Download a mobile security app for your phone that scans every app you download to ensure it’s safe. Lookout users automatically receive protection against this Trojan.