We know Apple has a strangle hold on which apps make it to the App Store. That’s why Google is preferred by many developers since their apps have more of chance to see the light of day on Android Market. But this freedom appears to have helped malware makers as well. According to Symantec, millions of Android devices have been infected by malicious chunks of code called Android.Counterclank.
Calling it the largest Android malware infection ever, Security software vendor Symantec has discovered 13 apps from three developers (iApps7, Ogre Games and redmicapps) which are carrying the Android.Counterclank spyware which is technically a trojan and is a minor modification of Android.Tonclank. Some of these apps have been available on Android Market for at least a month.
The malware is capable of receiving remote commands without your knowledge and can steal information from your device. According to Symantec, it has infected between 1 million and 5 million Android devices so far.
The list of apps (posted below) which carry the bug includes games such as Counter Elite Force and CounterStrike Hit Enemy, and naughty titles such as Pretty women lingerie puzzle.
If you have a doubt whether an application, which is not in the above list, is infected with the trojan, you can check by seeing whether a service with the same name is running at once when you open the app. It can also be detected by looking for an added Search icon above your home screen. According to one user who installed Deal & Be Millionaire, “the game is decent … but every time you run this game, a search icon gets added randomly to one of your screens. I keep deleting the icon, but it always reappears. If you tap the icon you get a page that looks suspiciously like the Google search page“.
If there is an infected app on your device, we encourage you to uninstall it and/or reboot your device entirely back to stock.
Some of the malicious apps have already been removed from the Android Market but we are waiting for an official comment from Google. In the meantime, we have contacted the developers for a response.