Here's the situation: thirteen apps from three developers (many of whom were in the official Android Market) have been carrying malicious code chunks called "Android.counterclank" that can "can receive commands to carry out certain actions, as well as steal information from the device." This stuff apparently ended up installed on around (brace yourself) between one and five million Android devices.
… or did it?
Here's what digital security firm Symantec had to say at first …
Some of the 13 apps that Symantec identified as infected have been on the Android Market for at least a month, according to the revision dates posted on the e-store. Symantec, however, discovered them only yesterday.
Users had noticed something fishy before then.
"The game is decent … but every time you run this game, a 'search icon gets added randomly to one of your screens," said one user on Jan. 16 after downloading Deal & Be Millionaire, one of the 13. "I keep deleting the icon, but it always reappears. If you tap the icon you get a page that looks suspiciously like the Google search page."
Which apps had this fun "feature" added?
- Counter Elite Force
- Counter Strike Ground Force
- CounterStrike Hit Enemy
- Heart Live Wallpaper
- Hit Counter Terrorist
- Stripper Touch girl
- Balloon Game
- Deal & Be Millionaire
- Wild Man
- Pretty women lingerie puzzle
- Sexy Girls Photo Game
- Sexy Girls Puzzle
- Sexy Women Puzzle
However, rival security firm Lookout isn't quite so sure, saying "Android.Counterclank" is just an "aggressive" ad software development kit designed to help free apps make some money in these challenging economic times.
Symantec did some backpedaling, saying …
The situation we find ourselves in is similar to when Adware, Spyware, and Potentially Unwanted Applications first made appearances on Windows. Many security vendors did not initially detect these applications, but eventually, and with the universal approval of computer users, security companies chose to notify users of these types of applications.
Is the software "safe?" Is anything on a wild west platform like Android safe? Things are a little hinkety, so caveat emptor up in that piece, because "malware" or not, Symantec asked Google to strike this code and all its relevant apps from the Market. Do with that knowledge what you will.