Friday, March 11, 2011

NEWS!!!!!! -- Android users hit by trojan hidden inside fake Google security tool

The security reputation of the Google Android platform has been rocked once again, this time with reports that a fake Google security tool containing a trojan has been circulated.

Ironically, the legitimate version of the utility – Android Market Security Tool – was pushed by Google earlier this month in response to the infections of the DroidDream malware.
As previously reported by Infosecurity, these infections stemmed from the download of infected versions of previously legitimate apps from the Android Market, the online store maintained by Google for smartphone users.
Hackers have subverted the patch/security tool by infecting it with the Android.Bgserv trojan, Infosecurity understands.
According to Mario Ballano, a Symantec security researcher, the fake Google security tool appears to have originated from a Chinese third-party apps website.
The trojan, he reports, seems to be able to send SMS messages if instructed by a command-and-control server located at hxxp://
"Analysis of the application is still ongoing, however, what is shocking is that the threat's code seems to be based on a project hosted on Google Code.

See the ful article


No comments:

Post a Comment

Note: Only a member of this blog may post a comment.