Symantec updates Android Malware claim, No Malware

[still1]

Symantec confirmed that its not a malware... alright now,i am not going to use symantec software ever in my life.

Symantec has "adjusted" its statement to Computer World that as many as 5 million Android users may be affected by the latest bit of malware, coming to the conclusion that the applications in question are simply using an aggressive ad network SDK. This mirrors the statement issuedby Lookout, as well as our own. (And as well as Computer World's Android Power faction.)

After initially telling users that the "malicious code" found in 13 Android Market applications was malware and capable of data theft and other nefarious activity, Symantec now says the apps in question are more akin to Windows adware and not inherently malicious.

In other words, it's crapware. This we can all agree with. The apps in question use an advertisement SDK that allows things none of us likes -- it can add bookmarks, change your homepage, add shortcuts to the home screen and the like. We've all installed some free Windows program from the web, and had it install (or try to install) browser toolbars, add shortcuts to the home screen for more spammy programs. We all hated it then, and we hate it now. What we hate even more is when a company that claims to be acting in the interest of our security jumps the gun and labels these types of programs the same way it would label a bot or trojan.

We're mostly informed users here, and quickly realize the difference. But how many of those who stumbled across websites parroting Symantec's cries of five million infected are as Android savvy as we are? There's a good chance that it's not that many. Instead those readers were left confused and concerned that they had been "hacked."

We hope that the rest of the web that followed along will update their stories with today's news. And more important -- we hope that app developers stay far away from this sort of thing. Lord knows we're going to stay away from them if they don't.

http://www.androidcentral.com/symantec-updates-its-counterclank-malware-claims

[HawkMan]

Having read what the "software" does and how it does it, no it's still malware. delivered by a trojan.

[alexalex]

"This we can all agree with. The apps in question use an advertisement SDK that allows things none of us likes -- it can add bookmarks, change your homepage, add shortcuts to the home screen and the like"

?This is a malware behavior.

[still1]

"This we can all agree with. The apps in question use an advertisement SDK that allows things none of us likes -- it can add bookmarks, change your homepage, add shortcuts to the home screen and the like"

?This is a malware behavior.

I don't know if you are being sarcastic here, but that's not a malware behavior its an adware behavior.

but in the world of advertisement that's ok these days... start a topic in Neowin about ads and you can see most justifying.

[HawkMan]

I don't know if you are being sarcastic here, but that's not a malware behavior its an adware behavior.

but in the world of advertisement that's ok these days... start a topic in Neowin about ads and you can see most justifying.

Err no, if a program changed your hompage, added shortcuts and added a bunch of bookmarks on your computer, you'd definitely call it malware. because it is.

[xendrome]

If it alerts the user to what it is going to do, then it is Adware, if it does not, it is Malware. Anyone know if it alerts the user to the changes prior or during install?

[Gerowen]

People still think Symantec is a reliable source of security information? I mean, the source code to many of their products was stolen directly from their servers, and it took them 5 years to figure it out...

[still1]

If it alerts the user to what it is going to do, then it is Adware, if it does not, it is Malware. Anyone know if it alerts the user to the changes prior or during install?

In the description they clearly mention that. the below link is a market link for one of the app that was said to be affected.

https://market.android.com/details?id=com.christmasgame.wildjump#?t=W251bGwsMSwxLDIxMiwiY29tLmNocmlzdG1hc2dhbWUud2lsZGp1bXAiXQ..

[still1]

Err no, if a program changed your hompage, added shortcuts and added a bunch of bookmarks on your computer, you'd definitely call it malware. because it is.

malware try to steal your personal info!!! Its sad how people don't even understand the difference between a malware and an adware.

also they dont do it maliciously. they mention that in the description of the app.

[linsook]

malware try to steal your personal info!!! Its sad how people don't even understand the difference between a malware and an adware.

also they dont do it maliciously. they mention that in the description of the app.

Thats spyware. Malware is a more general term.

Malware, short for malicious software, is software (or script or code) designed to disrupt computer operation, gather sensitive information, or gain unauthorized access to computer systems. It is a general term used to describe any kind of software or code specifically designed to exploit a computer, or the data it contains, without consent. The expression is a general term used by computer professionals to mean a variety of forms of hostile, intrusive, or annoying software.

Malware includes computer viruses, worms, trojan horses, spyware, dishonest adware, most rootkits, and other malicious programs. In law, malware is sometimes known as a computer contaminant, for instance in the legal codes of several U.S. states, including California and West Virginia.

http://en.wikipedia.org/wiki/Malware

[evo_spook]

I'd definitly

Thats spyware. Malware is a more general term.

http://en.wikipedia.org/wiki/Malware

Agree Malware is a general term that will cover many things, adware being one of it. A program that takes control of services without your consent is definitly Malware.

I can't believe the situation is so bad now that people kill the messenger rather then demanding Google start taking a bigger interest in safeguarding the market. Stop giving Google a easy time, the market needs to be secure, they need to give every one the security and peace of mind to shop their safely. If they dont it'll only be to androids disadvantage.

[techbeck]

Looks like Symantec and Lookout now agree. Not malware, not an issue. And whatever is done is not used for malicious intent.

[HawkMan]

malware try to steal your personal info!!! Its sad how people don't even understand the difference between a malware and an adware.

also they dont do it maliciously. they mention that in the description of the app.

it's sad how little you understand of terminology as well. Malware does "damage" in some way. what you're thinking of is spyware.

[evo_spook]

Looks like Symantec and Lookout now agree. Not malware, not an issue. And whatever is done is not used for malicious intent.

I'd say "it can add bookmarks, change your homepage, add shortcuts to the home screen and the like"

Was malicious. If the settings of you machine (homepage) are getting altered without your consent then I'd say its definitly a issue.

[still1]

Thats spyware. Malware is a more general term.

http://en.wikipedia.org/wiki/Malware

yup by your explanation an adware is only a malware if its dishonest!! it didnt say adware in general is malware but only dishonest ones.

but in this case the app developers are not dishonest they mention that they are doing this in the description of the app. so by that stand its still adware not a malware in general.

[44MLX]

Not downloading new apps from Android Market.

[techbeck]

I'd say "it can add bookmarks, change your homepage, add shortcuts to the home screen and the like"

Was malicious. If the settings of you machine (homepage) are getting altered without your consent then I'd say its definitly a issue.

It has the capability to do so...but does it actually do it?

Not downloading new apps from Android Market.

Then you may as well stop downloading on all platforms all together then.

[evo_spook]

Then you may as well stop downloading on all platforms all together then.

Not really, the others make attempts to put checks and measures in place.

Google is like absent landlord. Need to put a stop before the situation gets much worse.

Defend it as no a big deal and it carrys on, maybe getting worse and worse. Hold them to account and the market can only prosper.

[techbeck]

Not really, the others make attempts to put checks and measures in place.

Was referring to computers mainly with what I said.

[evo_spook]

If Amazon store was available in my country I would probs use them more then Google Market.

1. They look like they check the apps that go in

2. Amazon's interest is in provider a good shopping environment

3. I have more confidence with Amazon handling my credit details then I do Google

If Google is going to have the market then it needs to take control, I'd almost prefer it if they gave control of it to a third party as they don't seem to have interest in it themselves.

[LaP]

I'd definitly

Agree Malware is a general term that will cover many things, adware being one of it. A program that takes control of services without your consent is definitly Malware.

Yep it's malware (spyware). But it's not a trojan.

[LaP]

I'd say "it can add bookmarks, change your homepage, add shortcuts to the home screen and the like"

PC app can do that to.

As long as the app warn the user it's not different than the countless of apps installing search bars and the like on PC.

In fact on PC apps doing it without warning the user are not even considered malware.

Try to install applications by companies like Cyberlink you'll see you'll get more than the application itself (anyway was the case last time i used their product). As long as you can remove the crap it's called bloatware. Apps spying on you are called spyware.

[HawkMan]

It has the capability to do so...but does it actually do it?

it's what it does, when you install the app it changes your homepage and adds new apps to your home screen.

Yep it's malware (spyware). But it's not a trojan.

It's malware and possibly spyware, delivered as a Trojan.

PC app can do that to.

As long as the app warn the user it's not different than the countless of apps installing search bars and the like on PC.

In fact on PC apps doing it without warning the user are not even considered malware.

Try to install applications by companies like Cyberlink you'll see you'll get more than the application itself (anyway was the case last time i used their product). As long as you can remove the crap it's called bloatware. Apps spying on you are called spyware.

No those programs are actually called either badware or Malware today depending on the severity. bloatware is something else. cyberlink is badware. closing in on malware.

[still1]

it's sad how little you understand of terminology as well. Malware does "damage" in some way. what you're thinking of is spyware.

so placing an icon on the desktop and having a bookmark is damaging? if they say they are doing it then how is that a tronjan???

haters gonna hate... some post and bash just because they are ipoo fan.

[techbeck]

it's what it does, when you install the app it changes your homepage and adds new apps to your home screen.

Not what Symantec or Lookout said. They said it has the capability to do so...not that it does. Have you installed any of the "infected" apps to see?