Some of the apps discussed in this blog entry were developed with an older adware SDK that did not contain opt-in provisions, particularly regarding the ability to collect information and display ads outside of the original app. The adware SDK has since been updated to this capability to comply with Google’s developer policies; apps that use this newer version are no longer considered high-risk.
More details about this change can be found in our December 2012 Monthly Mobile Review: The Hidden Risk Behind Mobile Ad Networks.
Our monitoring of popular Android app stores during the latter weeks of August revealed that the number of apps detected as ANDROIDOS_PLANKTON variants has increased rapidly.
ANDROIDOS_PLANKTON was initially uncovered by North Carolina State University two months ago and was noted for its capability to download payloads and execute commands from a remote user. The discovery was also dubbed “largest Android malware outbreak ever” because of the millions of apps that contained dubious code similar to PLANKTON. During our research, the presence of this malware grew in Google Play between August 19 – 25.
Another notable trend we saw in our monitoring is the fact that the number of adware disguised as normal apps has increased. Adware are known to display multiple ads on an infected device to possibly generate profit for its developers. The most number of adware available on these websites were ANDROIDOS_ADWIZP, ANDROIDOS_AIRPUSH, ANDROIDOS_ADSWO, ANDROIDOS_LEADBOLT.
Trend Micro customers are now protected from these, as the Trend Micro Mobile Security for Android detects these malicious apps. It prevents installation of these malicious apps on mobile devices.
Malware disguised as Android apps are not fading from the threat landscape anytime soon. For their part, users should always be cautious before downloading apps. Being informed about the reputation of the app and its developers can come a long way when it comes to securing your mobile devices.
To know more about how to secure your devices, you may refer to the following Digital Life e-Guides: