Compromised Android Malware Removal Tool Discovered -- Info from Symantec
Good morning,
After malware was found last week on the official Android Market, Google published an application – “Android Market Security Tool” – to undo the side effects caused by Android.Rootcager. Symantec has now discovered suspicious code within a repackaged version of the “Android Market Security Tool.”
Symantec found this suspicious version of the tool on an unregulated third-party Chinese marketplace. This threat appears to be capable of sending SMS messages if instructed to do so by a command and control server. Analysis of the application is still ongoing, however, of note is that the threat’s code seems to be based on a project hosted on Google Code and licensed under the Apache License.
For more information, please see this Symantec blog post: http://www.symantec.com/connect/blogs/androidbgserv-found-fake-google-security-patch. Also, please let me know if you would like to speak with a Symantec security expert about this topic.
Best,
Elana
Elana Ziluk
Account Coordinator | MAVERICK Public Relations
(416) 640-5525 x 243 | 37 Madison Avenue | Toronto | M5R 2S2
w: maverickpr.com | t: MAVERICK_PR