Symantec recanted their earlier report on 13 Trojan-carrying Android Market applications. The report concluded that a Trojan called Android.Counterclank was proliferating in Android Market, and up to 5 million installations of the malicious app may have occurred. Three app developers were identified as distributors of allegedly Trojan-laced games in Marketplace: iApps7 Inc., Ogre Games and redmicapps.
Lookout Security challenged Symantec’s claims and investigated the issues. Lookout reported the apps displayed behaviors of an ad-supported program, not that of a Trojan. Lookout did agree with Symantec’s observation that the ad network code operated more aggressively by changing the Android device’s browser home page, adding extra shortcuts to the desktop and adding/removing bookmarks. Tim Wyatt, a principal engineer with Lookout said the ad network is similar to other ad networks, but did not disclose which network was being used by the 13 apps.
This ad network does have the capability to enter bookmarks in your browser, which is different from other ad networks. But a lot of its functionality is being embedded in other apps. Part of the business model of the company that owns the ad network is to add search conducted from apps.
Symantec issued an update, explaining further results from their investigations.
Since our initial blog post, we have determined the code in the Tonclank and Counterclank applications comes from the same vendor. The vendor is a company who distributes a SDK (software development kit) to third parties to help them monetize their applications, primarily through search… Due to the combined behavior of the applications, negative feedback from users who installed the applications, and the fact that previous applications (Android.Tonclank) using this code were initially suspended from the Google Market, we chose to notify users of Counterclank.
Whatever the case may be, it’s always better to be safe than sorry. You should still keep up with the latest by industry security experts — who keep an eagle eye out for the potential threats to your smart device (and your private information), and watch what you download and install.