Mobile-specific malware has become a growing concern in recent years with the rise of internet-connected mobile devices and applications. While more businesses and consumers are taking steps to protect themselves from such threats, the issue remains a pressing one.
According to data security blogger Andrew Brandt of Webroot, a new piece of spyware has been discovered in the coding of apps related to the popular Angry Birds mobile game for Android devices.
While the Angry Birds app itself is not infected, Brandt stated that several apps advertised to help users unlock levels or that offer tips contain malicious coding. Among the malicious apps are Angry Birds Rio Unlocker v1.0, Angry Birds Cheater Trainer Helper v2.0 and Angry Birds Multi User v1.00.
"None of the programs function as advertised," Brandt wrote. "Instead, the malicious apps install additional code into the Android device into which they’re installed. These additional functions provide remote access and control of the Android device to, presumably, the distributor of the malicious apps, whose identity remains unknown at this time."
The malware in question was discovered by North Carolina State University assistant professor Xuxian Jiang and his research team. In a recent blog post, Jiang said the malware, dubbed Plankton, was found in at least 10 apps on Google's Android Market.
According to Jiang, Plankton exploits Dalvik-class loading capabilities to "stay stealthy and dynamically extend its own functionality," which makes it difficult to detect even with antivirus software.
Once downloaded, Plankton loads a background service that provides the intruder access to sensitive data on the device, including browser history, bookmarks, homepage shortcuts and other information. Jiang also stated that the malware may also be able to steal user accounts.
As the threat of mobile malware continues to mount, it may be beneficial to equip mobile devices with antivirus software for data protection purposes. However, as seen with Plankton, some malware is more mischievous than others. Thus, it would also be advisable to only download apps from reputable distributors.
