Trojan found in 13 games on the official Android Market

By +Frank B.
in Android Support

 Share

Recommended Posts

Grand Master

techbeck

Posted
Posted

If you don't think that this needs improving before it starts damaging android, then I'm speechless.

Never said that the Android Market does not need improving and was not commenting on that...or I would of quoted that part of what you said. I am commenting on the OP and voicing my opinion saying that these apps are not damaging and why Google has not removed them as of yet. And thats all this "issue" is at the moment...an opinion. Unless Symantec can prove malicious intent, or Lookout disproves it.

Proficient

srbeen

Posted
Posted

Use some common sense and you'll be fine folks.

Step one: don't install stuff that permissions don't make sense (premium Text services, voice calling, voice recording, gps, etc)

Step two: check ratings/reviews of the product

Step three: use a firewall to protect yourself/apps from accessing the network. Droidwall I recommend. Very easy to configure. If it can't get online then its not doing anything!

Other than that, every platform has flaws.

Everyone refers to Apples sandbox as perfect but reviewing this it seems it isn't perfect either:

http://www.iphonehacks.com/iphone_apps_banned_or_removed

Community Regular

funkydude

Posted
Posted

imo you should call this a spyware. Cause by the look of it this is what it is.

Doesn't look like a trojan to me.

How is that any better?

Other than that, every platform has flaws.

Everyone refers to Apples sandbox as perfect but reviewing this it seems it isn't perfect either:

http://www.iphonehacks.com/iphone_apps_banned_or_removed

Objectionable content aside, there is no malware in that list. A better comparison would probably be the WP marketplace as they don't exactly follow as many "ethics" as Apple do.

Mentor

SharpGreen

Posted
Posted

No according to that it's most definitiely a trojan, only a fanboy would claim an app that does all that is not when it sneaks in as part of another app that you haven't requested.

And only someone who blindly hates would discredit an article proving him wrong. Its what you do, and I accept that.

Not every user is tech savvy or enjoys spending his day reading and checking what it does, how it does it and how it can affect him. iPhone users at least don't have to worry about that and I think it goes the same way with WP. We need to try and see here we're not the only ones using technology and not everyone enjoys learning as much as others do about it.

If you can't take the time out to learn how to properly secure your crap, then I (and I imagine others as well) won't feel bad when you get it infected with a real trojan or some other bit of malware. In this day and age, not securing your stuff is just asking for trouble. "Not being tech savy" is no excuse. There are plenty of resources available for the non-tech savvy to choose from to secure his devices.

Also, contrary to popular belief Android apps are all sandboxed. Each app runs as its own user, and only has access to its own data, or that which belongs to the system. It cannot access any other app's data, unless it runs as root.

Veteran

~Johnny

Posted
Posted

Objectionable content aside, there is no malware in that list. A better comparison would probably be the WP marketplace as they don't exactly follow as many "ethics" as Apple do.

There's not any malware in the Windows Phone marketplace either. The content rules are pretty similar to Apple's, and in fact, the sandbox is actually a *little* more restrictive on Windows Phone at the moment.

Mentor

evo_spook

Posted
Posted

If you can't take the time out to learn how to properly secure your crap, then I (and I imagine others as well) won't feel bad when you get it infected with a real trojan or some other bit of malware. In this day and age, not securing your stuff is just asking for trouble. "Not being tech savy" is no excuse. There are plenty of resources available for the non-tech savvy to choose from to secure his devices.

You shouldn't have to be doing this for a PHONE!

You can't just brush it under the carpet and absolve Google off any blame for this type of unsecurity, they need to step up to the plate and either sort out Android and or sort out the market place. You would let MS or Apple get away with it, you wouldn't let other industries release products that had a damaging insecurity and let them wash their hands off it, they need to be held accountable to sort it out in the market. If it was from a 3rd party market I could understand but the Google market itself needs sorting.

Grand Master

HawkMan

Posted
Posted

imo you should call this a spyware. Cause by the look of it this is what it is.

Doesn't look like a trojan to me.

Spyware is the payload, Trojan is the delivery method. it's a simple concept.

And only someone who blindly hates would discredit an article proving him wrong. Its what you do, and I accept that.

That article is not proving me wrong. it is in fact proving me right. it is a Trojan delivering a combined Spyware/badware(and possibly malware) payload.

This topic is now closed to further replies.
 Share
Go to topic listing

  • Posts

    • AltSendme 0.4.2

      By Copernic · Posted

      AltSendme 0.4.2 is out.
    • Secure Boot

      By cork1958 · Posted

      Simple answer is yes, you will still get the Windows updates and as long as browser is up to date, you will be good. Only thing secure boot does is protect you against boot level threats and make it harder to install other OS's. I've been looking into this pretty thoroughly lately myself as wifes computer has secure boot disabled plus my other, older computers that run Linux, don't have secure boot enabled. Have seen all kinds of questions about this on the Linux Mint and MX Linux forums. Just don't suddenly enable secure boot now.
    • Ford execs say they made a mistake when they replaced human engineers with AI

      By TsarNikky · Posted

      How many other companies will follow Ford's lead? Or, have they already gotten lazy and become enslaved to AI--and now can't figure out how to get out of that mess.
    • The Trump administration doesn't want you to use OpenAI's GPT-5.6 without its approval

      By TsarNikky · Posted

      Why would any self-respecting intelligent person follow any recommendation by Donald's GOP administration? With almost two years of fabrications, deceit, and blatantly illegal behavior, why believe them now? They had best be gone after the November 2026 election, so we'll wait and see.
    • AltSendme 0.4.2

      By Copernic · Posted

      AltSendme 0.4.2 by Razvan Serea AltSendme is a minimal, cross-platform application designed for fast, secure, and private peer-to-peer file transfers. It allows users to send files or entire directories directly between devices without relying on cloud servers, accounts, or any personal information. Everything is encrypted end-to-end using modern protocols like QUIC and TLS 1.3, ensuring both strong security and low-latency performance. Transfers are verified with BLAKE3 for data integrity, and interrupted downloads automatically resume, making the experience reliable even on unstable connections. You can transfer anything—images, videos, documents, and more. Integrity checks are performed on both ends, so your files are automatically verified for correctness during both sending and receiving. AltSendme works seamlessly across local networks or long-distance links, capable of saturating multi-gigabit connections for extremely fast delivery. With built-in NAT traversal and encrypted relay fallback, it connects devices almost anywhere. The app integrates with the Sendme CLI and will soon support mobile and web platforms. Fully free and open-source, AltSendme offers a lightweight, privacy-first alternative to traditional cloud-based services, removing size limits, upload costs, and unnecessary data exposure. AltSendme 0.4.1 changelog: Release Highlights Self-hosted relays: Run your own iroh relay so transfers don't rely on public infrastructure. Includes a full deployment template in deploy/relay/ with Docker Compose for a VPS and configuration examples for production use. Fly.io support: One-click deploy template for Fly.io, including a quick-start config (fly.dev.toml) for testing without a custom domain, plus production setup with Let's Encrypt and your own hostname. Relay settings UI: New Settings → Network panel to choose how AltSendme connects: automatic public relays, custom self-hosted URLs (with optional auth token), or disabled. Test connections, verify latency, and see live relay status in the footer. Disable relays: Turn off relay servers entirely when you only need same-network transfers (e.g. LAN). Direct connections only. No relay hop required when devices can reach each other. Android graduates from beta: Android is now part of the regular release cycle alongside desktop. APKs ship with each version (universal, arm64, and armv7). Other improvements Private relay access control via shared auth token Relay fallback notifications when a custom relay is unreachable Broadcast mode toggle in sharing settings Android release build fixes (split-per-ABI APKs, universal APK preservation) UI polish: mobile safe-area insets, dropzone layout, transfer progress animation Bug fixes for minification-related serialization issues and system tray icon loading What's Changed feat(relay): add relay status functionality and settings UI (a120cdf) feat(relay): implement custom relay server configuration and verification (51276c7) feat(relay): add configuration for private relay access and enhance observability features (48fbabf) feat(relay): enhance relay URL validation, display connection status (d4fffa0) feat(relay): add RelayChangeGuard component and enhance relay-related translations (16ba514) feat(broadcast): add toggle setting for broadcast mode in sharing UI (ca6d977) fix(relay): correct QUIC discovery port, pin image, templatize fly.dev (52a2ba5) fix: More broken serialization due to minification (67491a9) fix(android): preserve true universal APK across per-ABI builds (e9f256f) fix(ui): conditional safe-area insets padding on mobile (1182f0e) refactor(transfer): CircularRing component animation fix (944572b) chore(android): drop x86 and x86_64 release APKs, keep universal+arm64+armv7 (34ada0b) AltSendme 0.4.2 release highlight: Modern Debian & Ubuntu support. The .deb package now declares compatible dependency alternatives (libayatana-appindicator3-1, libgtk-3-0t64) alongside the older Ubuntu 22.04 names, so it installs cleanly on Debian and Ubuntu 24.04+. Fixed settings sidebar header being covered by the custom title bar on Linux. What's Changed #172 Fixed #168 Addressed feat(tauri): support for modern debian (80f548d) fix(setting-sidebar): linux-only custom title bar covering nav header (fb55c9d) Download: AltSendme 0.4.2 | ARM64 | ~9.0 MB (Open Source) Download: AltSendme for MacOS | Android Links: AltSendme Home Page | GitHub | Screenshot Get alerted to all of our Software updates on Twitter at @NeowinSoftware

  • Recent Achievements

    • Week One Done
      flexorcist earned a badge
      Week One Done
    • One Month Later
      Woland13 earned a badge
      One Month Later
    • Week One Done
      Woland13 earned a badge
      Week One Done
    • One Year In
      bernmeister earned a badge
      One Year In
    • Week One Done
      Scoobystu earned a badge
      Week One Done

  • Popular Contributors

    1. 1
      +primortal
      494
    2. 2
      +Edouard
      225
    3. 3
      PsYcHoKiLLa
      149
    4. 4
      Steven P.
      75
    5. 5
      FloatingFatMan
      71
    Show More

  • Tell a friend

    Love Neowin? Tell a friend!