"Plankton Trojan" found in Android Market

By alexalex
in Android Support

 Share

Recommended Posts

Grand Master

alexalex

Posted
Posted

Google says it has suspended a number of suspicious applications from the Android Market after researchers at NC State announced they had discovered a new and particularly stealthy piece of spyware, dubbed "Plankton," lurking in Android applications there.

According to a report by computer science professor Xuxian Jiang, the Plankton spyware represents an evolution in Android malware by attempting to obscure itself using a native class loading capability, rather than trying to gain root access to Android phones

Ten Android apps in the Official Android Market are known to infected, but many more could be victims of the Plankton Trojan. Jiang claims that early variants of the Trojan have evaded detection for as long as two months.

Plankton works like a parasite: latching onto its host applications as a background service which has no affect on that apps intended purpose. When a user runs an infected application on their Android phone, Plankton collects information such as the device ID and list of granted permissions and sends them via HTTP POST message to a remote update server

That remote server returns a URL pointing to an executable file for the device to download. Once downloaded, the jar file is dynamically loaded. In this way, the payload evades static analysis and is difficult to detect.

http://threatpost.com/en_us/blogs/google-spyware-found-removed-android-market-061311?utm_source=Newsletter_061311&utm_medium=Email+Marketing&utm_campaign=Newsletter&CID=&CID=&CID=

Link to comment
Share on other sites
Grand Master

presence06

Posted
Posted

This is a just a bunch of FUD. everyone knows that android apps and devices are immune to viruses and bugs. Just Apple sheep and Microsoft fanboys spreading crap.

Umm... do you live under a rock?

Pretty sure that Google has removed a few apps that were installing malware on peoples devices. Pretty sure it's not "FUD" and they're no immune. Neither is Apple.

Link to comment
Share on other sites
Grand Master

revvo

Posted
Posted

This is a just a bunch of FUD. everyone knows that android apps and devices are immune to viruses and bugs. Just Apple sheep and Microsoft fanboys spreading crap.

*sarcasm detector blows up*

No system is immune to viruses.

Link to comment
Share on other sites
Grand Master

Ironman273

Posted
Posted

This is a just a bunch of FUD. everyone knows that android apps and devices are immune to viruses and bugs. Just Apple sheep and Microsoft fanboys spreading crap.

1133341-notsureifserious_super.jpg

Link to comment
Share on other sites
Proficient

Pierce28

Posted
Posted

This is a just a bunch of FUD. everyone knows that android apps and devices are immune to viruses and bugs. Just Apple sheep and Microsoft fanboys spreading crap.

As a student of NC State's Computer Science department who has heard of Xuxian Jiang (but sadly not met him), I can assure you he's not "just apple sheep and microsoft fanboys". The real question is - who the hell downloads those crap apps?

Link to comment
Share on other sites
Grand Master

alexalex

Posted
  • Author
Posted

This is a just a bunch of FUD. everyone knows that android apps and devices are immune to viruses and bugs. Just Apple sheep and Microsoft fanboys spreading crap.

Like those anti-virus companies writing viruses, Google in writing Trojans app into Android Market :-)

Link to comment
Share on other sites
  • 4 months later...
Community Regular

dancedar

Posted
Posted

Awesome. I think I have this - cannot get rid of searchwebmobile.com in my browser, yet I've never downloaded anything dodgy from the market let alone anywhere else.

Ideas on how to get rid of it? All the Android scanners I've tried don't detect it.

Link to comment
Share on other sites
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.