AAPL Stock: 117.8 ( -0.5 )

Printed from

Rash of Android malware tips up, some on Android Market

updated 10:20 pm EDT, Mon July 11, 2011

Android hit by DroidDream, Zitmo, HippoSMS malware

Android faced a slew of new if mitigated malware infections over the weekend. Antivirus software maker Lookout Security warned that a variant of DroidDream Light was briefly available with four apps on the legitimate market. Google had pulled the apps, but not before 1,000 to 5,000 people were infected, Lookout said.

The attack was significant as it was likely to have been published by the same author that had been caught uploading malware earlier. Why Google hadn't taken action to prevent a resubmit isn't clear, though Google has historically had a consciously loose app screening policy to provide more liberties to developers.

Two instances of rogue code have been spotted outside of Google's own store. One, Zitmo, has been developed by a dedicated malware team ZeuS. Fortinet found that the trojan variant poses as a banking app but forwards text messaging to an outside server, where ZeuS can intercept private data.

Another, HippoSMS, was found by NC State University Assistant Professor Xuxian Jiang on third-party Chinese app stores. The code not only steers text messages to a toll number to rack up high bills but blocks text messages to and from Chinese service providers that would warn the user of excessive charges. Android antivirus makers have been contacted, but the only solution so far is to be cautious and monitor both the source and app permissions.

While the attacks have been relatively isolated, they come just after a recent Symantec study that showed a much higher vulnerability in Android than in iOS to hostile code. Apple's policies are sometimes criticized for being too restrictive but have also left any malware incidents to those who jailbroke their phones and disabled many of the protections. Among Symantec's findings was that Google wasn't adequately screening for suspicious apps and was leading to malware that infected real, regular users before it was pulled. [via CNET]

Zitmo in action: actual intercept code (top) versus what the user sees (bottom)

by MacNN Staff



  1. iphonerulez

    Joined: Dec 1969


    What kind of a platform is

    Google running. Allowing anyone to upload apps without any screening whatsoever. That doesn't appear like "openness" but laziness on Google's part. As many Android smartphones there are, you'd think that Google would at least try to protect most of those non-tech users from malicious attacks. Google makes uploading apps so easy, it's almost begging for malware apps.

  1. qazwart

    Joined: Dec 1969


    Come 3.0 Things May Be Different

    Google is clamping down hard on Android 3.0 which might start singling a more "iPhone" like behavior in Android operations. 3.0 won't be as modifiable as earlier versions of Android, and there is talk of clamping down on outside stores. One of the threats was Amazon and Facebook using custom made Android phones to lead people to their stores over Android Marketplace.

    I doubt that Android will be locked down as tightly as Apple. I believe Windows Phone is more in line of where Android is heading, but phones are way different than computers. I don't mind troubleshooting my computer. I don't want to do the same for my phone.

  1. hayesk

    Joined: Dec 1969



    Open - as in, your personal data is open to be uploaded to who knows where.

  1. ethical_paul

    Joined: Dec 1969


    Don't worry

    The free market will take care of this kind of malware--there's no need for Google to try to prevent it.

    That is to say, the free market will leave Android and head for iOS where they don't have to worry about malware.

  1. Flyingjoe

    Joined: Dec 1969



    Admittedly, I do own Apple products. But I've never gotten this "live free or die" mentality of some, either in having unrestricted access to weapons or in not being denied some "freedom" with their phone. What app are they so in love with that makes this kind of vulnerability worthwhile? I guess even the nerd crowd has their share of the gun-toting fanatics. But it's not based on logic - it's a completely emotional response.

    I am glad that there's real competition out there as any quasi-monopoly isn't healthy for any company, very much including Apple, so Android will help keep iOS evolving and being more flexible. I thank them for that. In fact, I'll be happy to text them my thanks using my secure phone..

  1. viktorob

    Joined: Dec 1969


    Take that apple...

    May be you the iPhone has 400 k + apps, but how many virus and malwares you iphone users have? Zero, nada, finito.
    Android "openness" gives android user the freedom to run any malware and virus they want and apple does not gives you that option to have your data stolen or compromised.

Login Here

Not a member of the MacNN forums? Register now for free.


Network Headlines

Follow us on Facebook


Most Popular


Recent Reviews

Ultimate Ears Megaboom Bluetooth Speaker

Ultimate Ears (now owned by Logitech) has found great success in the marketplace with its "Boom" series of Bluetooth speakers, a mod ...

Kinivo URBN Premium Bluetooth Headphones

We love music, and we're willing to bet that you do, too. If you're like us, you probably spend a good portion of your time wearing ...

Jamstik+ MIDI Controller

For a long time the MIDI world has been dominated by keyboard-inspired controllers. Times are changing however, and we are slowly star ...


Most Commented