Android Security Alert: New Malware Apps Found in the Android Market Over the Weekend

So, it looks like the Android Market was infected with some new malware apps over the weekend and if I said I was surprised, I’d be lying. This seems to be a regular occurrence and as bad as it sounds, I’m already getting used to it.

Lookout Mobile Security (who is not “funding” this post, by the way) found some new apps on the Android Market by the developer Mobnet that were infected with a new variant of the DroidDream Lite malware. This time these weren’t the obvious “XXX Nude Japanese Squid Girls” but were more legitimate looking apps. The apps in question were Quick FallDown, Scientific Calculator, Bubble Buster and Best Compass & Leveler (a legitimate app of the same name exists). The part I found most alarming was the fact that some of these infected apps were downloaded 1,000- 5,000 times before Google could pull them from the Market.

The developer “Mobnet” is also said to be the same developer responsible for the first string of apps oringally infected by the DroidDream virus and were pulled back in March. Why this guy is still releasing infected apps is anyone’s guess. Just be careful out there. I don’t think many our readers will get duped into downloading malicious apps like these but some of our more “noob” friends and family might now be as aware. Just be sure to let them know to look for apps with the same name and icon as another and to always read the ratings before downloading.

[Via TheLookoutBlog]

Continue reading:

TAGS:



  • http://twitter.com/TwiTati Tati

    I am really getting tired of this. Come on Google, this is getting ridiculous.

  • RockingmyEvo3d

    I have lookout and netqin on my device and it works so well. I always read all review in the market then sometimes venture off to read other reviews posted in the app Brian market before I download anything on my device.

  • http://www.androidpolice.com/author/ron-amadeo/ Ron Amadeo

    “Lookout Mobile Security (who is not “funding” this post, by the way)”

    I agree, this post *does* look like a shameless advertisement. Perhaps you should point out that lookout is selling a product and has a vested interest in this fear mongering.

    • mwaterous

      This post didn’t invoke the slightest urge for me to go out and download Lookout; instead it reinforced the fact that I’d rather know what’s up than be responsible for a proverbial head in the sand approach to problems. There’s malware out there, none of it is scary enough for me to want to leave Android, but I’d like to know Google has some plans to deal with it.

      PS, thanks Lookout, keep up the good work.

    • bpank

      “fear mongering” / Really, it’s the furthest thing from fear mongering… It’s simply a great app that does it’s job (very well). How the hell is this fear mongering when they are working their asses off providing great software that actually does it’s job? IMHO you are way, way off with your statement…

  • mwaterous

    I think that’s a pretty solid indicator that Google needs to assign a team to start locking down the market (I’m sure + could spare a few peeps). There’s enough apps in there that the numbers don’t matter anymore, the quality does!

  • Johan Appelgren

    Why use the word “infected”? Neither the apps or the Market was infected in any way. By the looks of it these apps even asks for permission to send sms messages. Imo, unless it is an messaging app there’s no reason to ever install an app that requires that permission. Maybe Google should add a more scary looking warning every time you try to install an app that wants to make calls or send sms messages. :)

  • http://techotrack.com Venu

    Google needs to assign a team to clear the market and make it malware free.

  • cowgar

    well it has already begun…(or history repeats itself)

    antivirus software is one of the most sold software application in PC market with an excellent revenue/profit model (you pay _each_ year for a licence) and android market is a virgin new market for these companies to chew on (where iOS market is a dead horse territory – thanks to steve’s censorship and un-rooted phones)

    so it just makes a sense for these companies to work-on/release malware products (which competing companies won’t catch) alongside the antivirus products – and sell those antivirus appz to android customers.

    after all, four hundred _thousands_ of devices activated per day, soon to be half-million per day, are some “new millions” to be earned, each year…

    android market definitely needs some “censorship”, not as sick as on iOS (where inapropriate color which steve hates will ban you) just to look for suspicious permissions (depending on category) or behaviour, not user experience

    in the end, it’s in the hand of user, but even after years of PCs few are so knowledgable to _not_ to click on “Rosie Huntington director blowjob.exe” received by e-mail, so how can we expect one to look on something like “permissons” and _not_ install spywares like SKYPE 2.0 on android is (well, I just laugh of this POS all the time)

    • eclipsenyou

      Here, I’ve got a tin foil hat for you.
      What an idiot!

  • http://www.facebook.com/TimidRat Justin Larsen

    Cowgars right. Screw lookout, theyre creating the malware to sell the fix, its bullshit.

    • Chris Rogers

      I’m sure you also think the US government staged 9/11 to get control of people’s private information.

      • Guest

        No, they staged 9/11 to overhaul the middle east and further the interests of all those who have a stake in the continuation of Americas Military Industrial Complex. Oh… And to secure regional natural and mineral resources.

  • davidvella

    You know they sure did get a lot of value for “not funding this post”. Logo used for image art, check. Link to download software, check. No mention of competition, check.

    • http://www.facebook.com/people/Cris-Tate/1820221201 Cris Tate

      Lookout is the one that reported it, that’s why they got the credit. And they always provide a link when they put any software or hardware in an article. And why do they need to list competitors? This isn’t an article saying “you need an antivirus”, it says “maleware was found and these are the people that reported it”.

      If they didn’t give credit to their sources I’m sure there would be people jumping there shit for that.

  • http://twitter.com/binglut9 Brian

    I dont understand why they dont ban this guys ip address or black list him…. as a developer you should in order to set up a developer account provide a social securtiy number or some kind of Identification number and if this happens all you do is ban him from ever opening or putting apps into the market…I dont mind I have always used lookout but for my friends who are clueless they wouldnt even know they downloaded it…So for this google needs to step up its game and find a way to check developers or their apps…I would not mind

  • DarrenR

    I dont understand all the people that say this is advertising. If you make a good product that solves the problem at hand, then I dont see the issue.

  • Michael Lachmann Tamarlin

    The problem is that the only report given of this “malware” is the lookout blog. Is there any independent verification of this? What exactly will the malware do? Download an updated version of itself after asking the user to do that? What else?

    But now, it isn’t just news by some unknown bog “lookout blog”, but instead by phandroid, ubergizmo, and more. I need independent info!

    • http://twitter.com/savagejeep SavageJeep

      I’ll take the fact that Google pulled their app as confirmation (on this one at least). I do however understand your point.

  • Giant_Bubble_Guy

    I found Lookout cut my battery DInc2 life by about 50%. Nice idea, not so nice implementation.

    • eclipsenyou

      I’ve been running lookout for 2 months without a problem. It doesn’t run in the background and only activates when you download an app. 50% cut in battery life is a crock, nice try.

      • Giant_Bubble_Guy

        That’s great for you. I wish it didn’t kill my battery life, as a little extra security would be nice. If software ran exactly the same on all hardware we would probably have had the same experience with Lookout. Read the reviews for it on the Market. I’m not the only one that’s had that problem with it.

        • http://twitter.com/savagejeep SavageJeep

          Agreed. It does drain resources. I know that it also pulls location data and that GPS can be a killer at times.

        • Guest

          Change scan settings to once a week. Problem solved.

          • Giant_Bubble_Guy

            I hadn’t thought to see if I even could. I’ll give that a try. Thanks.

  • http://www.facebook.com/profile.php?id=1326527816 Eric Silva

    Another Apple fanboy dick creating malware/viruses to annoy android users.

    • xero925

      That’s exactly right. Apple’s days are coming too, you watch!!!!

  • gallery69

    Don’t really think I need Lookout but if I’m rooted will Lookout see superuser and other apps with root access as malware or viruses?? Thanks for any info on that.

    • Guest

      No, it wont.

    • http://profiles.google.com/eckoinlasvegas Steven Skwarkowski

      No…i have lookout on a rooted device. you are fine. the program works well

  • http://pulse.yahoo.com/_ES4MO7YQXGEP5IWG5E3HNXZX7Q Huapeng

    is there a lookout app for apple