NEWS FROM THE LAB - Wednesday, March 2, 2011

Android Trojan Alert Posted by Response @ 09:33 GMT

Recent reports on trojanized applications being found on the official Android Market just came to our attention (via Androidpolice.com and Reddit).

The malicious applications were uploaded using various developer names. A full listing of the applications involved appear here: http://pastebin.com/Ue8TfLgE.

According to the androidpolice.com report, on checking out one of the malicious applications, it contains a known exploit "rageagainstthecage" for gaining root access. This exploit is known to work on Android 2.2 and below.

The original androidpolice.com report indicated the malicious applications have already been pulled from Android Market — which is great news for users who haven't yet unwittingly downloaded the malware.

Users who have already done so may still need to wait for Google to remotely remove these apps — or remove them manually.

We'll continue to monitor the situation. We're also looking for samples of these trojanized applications for further analysis. If you have one of the malicious samples, you might consider sending it to our Sample Analysis System.


Edited to add: The pastebin link is no longer valid. Mashable and other news outlets are publishing the list.