Android has had its fair share of malware problems. Whenever malware are detected, Google reacts swiftly and remove them. However, according to security researcher Neil Daswani, around 8% of the apps on the Android market are leaking private user data.
In March 2011, 58 malicious applications were found in the Android Market. Before Google could remove the applications from the Android Market they were downloaded to around 260,000 devices. These applications contained Trojans hidden in pirated versions of legitimate applications. The malware DroidDream exploited a bug which was present in Android versions older than 2.2.2.
Researchers have discovered a new variant of the insidious Zeus trojan that is designed to run on Google Android smartphones, security researchers have warned.
The malicious program is a new version of Zitmo, a mobile trojan application first discovered last year that stands for “Zeus in the mobile,” Derek Manky, a senior security strategist at network security firm Fortinet's FortiGuard Labs, told SCMagazineUS.com on Tuesday.
Security researchers have come across a new Android Trojan that sends Short Message Service communications to prime-rate numbers. This comes shortly after reports emerged that the Zeus gang has come up with an Android version of their banking malware.
F-Secure says it has observed a number of Android apps being `repackaged' with advertisement modules added in, so generating revenue for the repackagers.
The good news for Android device users is that they get their apps for free, but, says the firm, it also shows how easy it is for hackers to clone an existing app for their own darker usage.
No stone is left unturned, no option unexplored when it comes to online spamming, and the latest approach has shown that malware authors are not the only ones who have taken advantage of the fact that Android apps are written in Java and are, therefore, easily cloned.
"We've been seeing a rash of repackaged applications posted on the official Android Market," says an F-Secure researcher. "The repackaged application has the same modules as the original, but includes an advertisement module."
Criminals who infect personal computers worldwide with malicious software programs, hoping to steal credit card numbers and other personal data from computer users, are setting their sights on a new target: the millions of smartphones running Google Inc.’s Android software.
Recently we discovered a new Trojan in the wild, surfacing in alternative Android markets that predominately target Chinese Android users. This Trojan, which we’ve dubbed jSMSHider due to the name used inside the APK, predominantly affects devices with a custom ROM.
Custom ROMs are custom built versions of Android, which have been released by third-party groups. The manufacturer or carrier do not traditionally endorse custom ROMs. (If you do not know what a custom ROM is, and do not think you’ve downloaded a custom ROM, you are probably not affected.)
While continuing an Android-related research project after the discovery of the DroidKungFu and YZHCSMS malware, my research team also came across a new stealthy Android spyware in the Official Android Market. This spyware does not attempt to root Android phones but instead is designed to be stealthy by running the payload under the radar.
Tenable has released an Android application for its Nessus Vulnerability Scanner, enabling Nessus users to remotely connect to a Nessus server, launch scans and review reports from their Android devices.
“Network security isn’t a 9-5 job,” said Ron Gula, CEO of Tenable Network Security. “The ability to conduct vulnerability scans and review results anytime from anywhere is exactly what enterprise IT and security professionals expect from their software and service providers, and it’s what they need to keep their networks safe, 24/7.”
