Lookout: Android.Counterclank Found by Symantec Not Malware

Security solutions provider Symantec alerted Android users a few days ago on the existence of an Android Trojan called Android.Counterclank, which they catalogued as an information-stealing piece of malware. However, Lookout, a mobile security firm, questions those claims, reporting that Counterclank is just an aggressive form of ad network.

Symantec’s report found that the Trojan was being bundled with popular apps on the Android Market and it had already infected as much as 5 million devices.

They identified Counterclank as a minor modification of Android.Tonclank, a threat that has the features of a bot, its main purpose being to swipe private information.

Applications such as Hit Counter Terrorist, CounterStrike Hit Enemy, Counter Strike Ground Force and Counter Elite Force were served on the official Android Market with a malicious code that’s inserted as a package called Apperhand.

On the other side of the fence, Lookout also took a peek at these applications and they concluded that even though the Apprehand SDK was “an aggressive form of ad network that should be taken seriously,” it couldn’t really be considered malware.

“The average Android user probably doesn’t want applications that contain Apperhand on his or her phone, but we see no evidence of outright malicious behavior,” Lookout researchers write.

“In fact, almost all of the capabilities attributed to these applications are also attributable to a class of more aggressive ad networks – this includes placing search icons onto the mobile desktop and pushing advertisements through the notifications bar.”

Lookout has been studying mobile advertising SDKs since some of them began using more aggressive tactics to promote their adverts, including pushing notifications, dropping search icons on the device’s desktop, and pushing bookmarks to the browser.

Since ad networks are becoming an important part of the mobile ecosystem, we’ve contacted Lookout to request an interview that may further clarify the use of these elements and their impact on customers. Stay tuned to find out more.


No comments:

Post a Comment

Note: Only a member of this blog may post a comment.