Compromised Android Malware Removal Tool Discovered -- Info from Symantec

 

Good morning,

 

After malware was found last week on the official Android Market, Google published an application – “Android Market Security Tool” – to undo the side effects caused by Android.Rootcager. Symantec has now discovered suspicious code within a repackaged version of the “Android Market Security Tool.” 

 

Symantec found this suspicious version of the tool on an unregulated third-party Chinese marketplace. This threat appears to be capable of sending SMS messages if instructed to do so by a command and control server. Analysis of the application is still ongoing, however, of note is that the threat’s code seems to be based on a project hosted on Google Code and licensed under the Apache License.

 

For more information, please see this Symantec blog post: http://www.symantec.com/connect/blogs/androidbgserv-found-fake-google-security-patch. Also, please let me know if you would like to speak with a Symantec security expert about this topic.

 

Best,

Elana

 

Elana Ziluk

Account Coordinator | MAVERICK Public Relations

(416) 640-5525 x 243 | 37 Madison Avenue | Toronto | M5R 2S2

w: maverickpr.com | t: MAVERICK_PR