Around 30,000 To 120,000 Android Users Affected By A New Malware, Here’s How To Protect Your Phone

Android Malware

This piece of malware is the second iteration of a previous threat, known as "DroidDream", which hit the platform last March, that had the ability to download malicious packages onto the device.

This new malware, known as "DroidDreamLight" is essentially similar to the previous version: it uses fake Android Apps on the Android Market in order to spread and, just like the original "DroidDream", it's able to download malicious packages onto the infected device. However, unlike its predecessor, it can't download those in the background, meaning that the risk of infection is much lower, although it can still harm unsuspecting users. "DroidDreamLight" can also contact remote servers even when the infected app isn't running, making the threat more dangerous. Once an infected App is downloaded, the malware will immediately send out information about the device's specifications to a remote server:

Malicious components of DroidDream Light are invoked on receipt of a  android.intent.action.PHONE_STATE intent (e.g. an incoming voice call).  DroidDream Light is not, therefore, dependent on manual launch of the installed application to trigger its behavior.  The broadcast receiver immediately launches the <package>.lightdd.CoreService which contacts remote servers and supplies the IMEI, IMSI, Model, SDK Version and information about installed packages.

The malware's authors have modified reputable Apps commonly available from the Android Market and repackaged them with the infected code. The fake Apps were then submitted back to Google's own Android Market using 5 different developer accounts. Please stay alert if you've downloaded any of the following Apps recently:

Magic Photo Studio

  • Sexy Girls: Hot Japanese
  • Sexy Legs
  • HOT Girls 4
  • Beauty Breasts
  • Sex Sound
  • Sex Sound: Japanese
  • HOT Girls 1
  • HOT Girls 2
  • HOT Girls 3

Mango Studio

  • Floating Image Free
  • System Monitor
  • Super StopWatch and Timer
  • System Info Manager

E.T. Tean

  • Call End Vibrate

BeeGoo

  • Quick Photo Grid
  • Delete Contacts
  • Quick Uninstaller
  • Contact Master
  • Brightness Settings
  • Volume Manager
  • Super Photo Enhance
  • Super Color Flashlight
  • Paint Master

DroidPlus

  • Quick Cleaner
  • Super App Manager
  • Quick SMS Backup

Infected applications have already been removed from Android's marketplace, but be on the lookout, since there's the possibility that this threat might arise once again.

How to protect yourself: Download an anti-malware program for Android, such as Lookout, AVG for Android and SmartGuard Mobile Security and keep it updated. We're going to start taking the security of our smartphones as seriously as the security of our PCs.

An open platform such as Android has sure brought many benefits, but just as many shortfalls as well. The fact that there's no approval process for Android Apps makes the platform incredibly vulnerable, especially due to its rising popularity. Please download an anti-malware application to ensure your device's safety.

(via ReadWriteWeb)

You can follow us on Twitter or join our Facebook fanpage to keep yourself updated on all the latest from Microsoft, Google and Apple.

According to Lookout, an Android anti-malware maker, there’s a new threat in the wild that is said to have affected between 30,000 and 120,000 headsets already.

This piece of malware is the second iteration of a previous threat, known as "DroidDream", which hit the platform last March, that had the ability to download malicious packages onto the device.

This new malware, known as "DroidDreamLight" is essentially similar to the previous version: it uses fake Android Apps on the Android Market in order to spread and, just like the original "DroidDream", it’s able to download malicious packages onto the infected device. However, unlike its predecessor, it can’t download those in the background, meaning that the risk of infection is much lower, although it can still harm unsuspecting users. "DroidDreamLight" can also contact remote servers even when the infected app isn’t running, making the threat more dangerous. Once an infected App is downloaded, the malware will immediately send out information about the device’s specifications to a remote server:

Malicious components of DroidDream Light are invoked on receipt of a  android.intent.action.PHONE_STATE intent (e.g. an incoming voice call).  DroidDream Light is not, therefore, dependent on manual launch of the installed application to trigger its behavior.  The broadcast receiver immediately launches the <package>.lightdd.CoreService which contacts remote servers and supplies the IMEI, IMSI, Model, SDK Version and information about installed packages.

The malware’s authors have modified reputable Apps commonly available from the Android Market and repackaged them with the infected code. The fake Apps were then submitted back to Google’s own Android Market using 5 different developer accounts. Please stay alert if you’ve downloaded any of the following Apps recently:

Magic Photo Studio

  • Sexy Girls: Hot Japanese
  • Sexy Legs
  • HOT Girls 4
  • Beauty Breasts
  • Sex Sound
  • Sex Sound: Japanese
  • HOT Girls 1
  • HOT Girls 2
  • HOT Girls 3

Mango Studio

  • Floating Image Free
  • System Monitor
  • Super StopWatch and Timer
  • System Info Manager

E.T. Tean

  • Call End Vibrate

BeeGoo

  • Quick Photo Grid
  • Delete Contacts
  • Quick Uninstaller
  • Contact Master
  • Brightness Settings
  • Volume Manager
  • Super Photo Enhance
  • Super Color Flashlight
  • Paint Master

DroidPlus

  • Quick Cleaner
  • Super App Manager
  • Quick SMS Backup

Infected applications have already been removed from Android’s marketplace, but be on the lookout, since there’s the possibility that this threat might arise once again.

How to protect yourself: Download an anti-malware program for Android, such as Lookout, AVG for Android and SmartGuard Mobile Security and keep it updated. We’re going to start taking the security of our smartphones as seriously as the security of our PCs.

An open platform such as Android has sure brought many benefits, but just as many shortfalls as well. The fact that there’s no approval process for Android Apps makes the platform incredibly vulnerable, especially due to its rising popularity. Please download an anti-malware application to ensure your device’s safety.

(via ReadWriteWeb)

You can follow us on Twitter or join our Facebook fanpage to keep yourself updated on all the latest from Microsoft, Google and Apple.