Andima

Symantec has detected a new Trojan horse called Android.Counterclank, which attaches to applications in the Android Market and may be used to run malicious code on users' smartphones and tablets.

A nasty piece of malware called Android.Counterclank that Symantec (NASDAQ:SYMC) said has the highest distribution of any malware this year to date is making the rounds on Android smartphones and tablet computers.
Symantec counts anywhere from 1 million to 5 million combined downloads of the malware, spanning 13 different application titles.



Full story at eweek - Android Counterclank Malware Assails Android Market: Symantec - Security - News & Reviews - eWeek.com

__________________

jerofld

A good number of those apps have already been removed by Google. The ones by Ogre Games I'm not so sure are malware, but I'd bet they use AirPush ads, which Symantec might be considering 'malware'. Considering they said the games collect personal information and then download files, mostly ads, to display in the notification bar...I'd bet it's just more AirPush advertising. Because, if browser tracking for the purpose of ads is malware, then Google is full of malware.

zuben el genub

Just because Symantic says so, I still won't use them. Eset also has an app for android. I'd buy Eset instead. Kapersky and Avast also have apps.

As using the phone for your credit card takes off, I will be more interested in AV/or anti-trojan. I won't use the phone that way, but I have friends who will.

Harry2

Symantec calls it malware but Lookout says it's an aggressive advertisement component

Lookout writes:
It is capable of identifying the user uniquely by their IMEI number, for instance. But unlike some networks, this SDK forward-hashes the IMEI before sending to its server. They're identifying your device, but they are obfuscating the raw data. (That's a good thing.)

The SDK has the capability to deliver AirPush Notifications ads to the user. We're not huge fans of push notifications, but we also don't consider push notification advertising to be malware.

The SDK drops a search icon onto the desktop. Again, we consider bad form, though we don't consider this a smoking gun for malware provided the content that is delivered is safe. In this case, it is simply a link to a search engine.

The SDK also has the capability to push bookmarks to the browser. In our opinion, this is crosses a line; although we do not believe this is cause to classify the SDK as malware.

Harry

__________________
Google Translator is to blame for my English

Last edited by Harry2; January 30th, 2012 at 12:16 AM.