updated 02:15 pm EDT, Thu April 26, 2012
Fake port thought to use SMS scamming
Eccentric pop icon Bjork once expressed little doubt, and even encouragement, that pirates would adapt her iOS app Biophilia for distribution on Android. That has happened, but likely not in the way she anticipated. Symantec has identified a malware scam based on a fake port of Biophilia, one that opens up unsuspecting users to premium SMS scamming.
The malware version on Android consists of two parts: a music-streaming front-end and a background "Market" service. The Market service starts up every time the phone starts up, and appears to belong to the Android.Golddream family of threats. Malicious apps belonging to this family are typically false versions of popular apps, stealing user information and running software in the background that uses the phone to run premium SMS scams.
The malicious app isn't available in Google's Play app store, which mitigates the risk to Android users. Malware and false apps have proven to be something of a problem for Android, and Google has in the past taken steps to address the problem, removing apps and executing greater control over its app store when possible. Still, malicious apps remain a concern on Android, due in part to the open nature of app distribution on the OS.
Biophilia was released last year as Bjork's seventh album, and the accompanying iOS app contains 10 separate apps, one for each album track. The app is a multimedia project melding the music with games and other content.