Plankton Android Trojan Found in 10 Apps on Android Market

Linked by HAL2001 on Fri 10th Jun 2011 21:23 UTC

Ten more applications have been pulled from the Google's official Android Market following a notification that they contained a new kind of Android malware. The malware was discovered by Xuxian Jiang, an assistant professor at the NC State University, and his team. As we have already witnessed before, the malicious code is "grafted" onto legitimate applications, and once the app is installed, it works as a background service whose goals is to gather information and transmit it to a remote server. The server takes the information in consideration and returns a URL from which the malware downloads a .jar file that, once loaded, exploits Dalvik class loading capability to stay hidden by evading static analysis.

2 3 Comment(s)

http://osne.ws/j61

Post a Comment

android application marketplace differentiator

by gumoz on Sat 11th Jun 2011 18:48 UTC

Member since:
2008-05-15

This kind of stuff will be good for differentiation between MarketPlaces like Amazon App Store and Android Marketplace, I guess that the one that allows the user to be relatively safe without compromising App availability will get more money or at least confidence while buying/exploring.

Reply Permalink Score: 1

Comment by stippi

by stippi on Mon 13th Jun 2011 10:56 UTC

Member since:
2006-01-19

Would be interesting to know which apps have been pulled...

Reply Permalink Score: 2

the obvious question

by ikidunot on Wed 15th Jun 2011 14:12 UTC

Member since:
2011-06-04

What I want to know is where in the process between the developer submitting the app and the user installing it is the malware tacked onto the app?

Bluntly, who got pwned?

Reply Permalink Score: 1

OSNews