It does appear that there isn’t a day that goes by where we don’t hear about some data-stealing Android Trojan app. So I’m not surprised that mobile app malware developers are continuing to focus on ‘geo-specific’ data collection and using in particular, rogue Android apps in China.
The latest rogue Trojan app is called ‘Android/AdBoo.A’ and targets Chinese users. The app lets users choose an SMS message template and then asks them to choose the contact to whom the greeting will be sent. The app actually doesn’t send the SMS greeting, in fact it fails to send the greeting by prompting with “Sending Fail”. The rogue Trojan app silently collects your mobile model/number, Android version and IMEI number and sends to a Remote Command and Control Server. Nothing too severe, but it’s still intrusive and this is only the start – expect more ‘sensitive’ data to be stolen from your device using these types of rogue apps over time.
It’s no surprise that Chinese Android users are major targets for Trojan apps. The problem in China right now is primarily connected to the fact users don’t download apps from the genuine Android Market – they use third-party in-country app stores. Malware writers can upload their malicious apps without certification or review. That said, the genuine Android Market also hasn’t adopted an app certification/review model similar to Apple and RIM. So no good news here either, I’m afraid folks. 🙁
So, with little or no app publication control, this has ultimately led to the proliferation of rogue Android apps (which might I add offers poor app discoverability compared to the Apple App Store :() which are usually only taken offline by eagle-eyed end users rather than the Google Android team.
Safe surfing folks!