The Inquirer-Home
Software > Security

Symantec provides more details on Android Counterclank malware

Says it wants to warn users
By Chris Martin
Tue Jan 31 2012, 15:30

SECURITY VENDOR Symantec has revealed that the Android malware called Counterclank has come from one vendor and backed up its choice to warn users.

The firm revealed what it called the biggest malware distribution of the year in the Counterclank Trojan on Android. It has given more details about it and said it is helping users make their own decisions on it.

Symantec said, "When classifying applications, our focus is on whether users want to be informed of the application's behaviour, allowing them to make a more informed choice regarding whether to install it."

It said that we're at a similar point to when adware, spyware and unwanted applications were first found on Windows but vendors didn't detect them. Eventually, with the support of users, they chose to notify users of these types of applications.

Symantec has discovered that the malware code has come from a single vendor, a company that distributes a software development kit (SDK) for converting apps.

The code connects to a remote server, apperhand.com, and sends various details about the phone. It can make web pages load, set the browser's homepage, create or request bookmarks and create shortcuts.

It's debatable whether this is malware or not. Lookout, a firm that specialises in mobile security has also investigated Counterclank and found similar activity. However, it doesn't class any of it as malware but rather as an "aggressive form of an ad network".

Ogre Games, one of the publishers Symantec highlighted has added this message to one of its apps, "WE ARE NOT MALWARE!! Symantec, the company that wrongly labelled this app as malware the other day, have contacted us and are in the process of un-doing the mistake they did and whitelabling our product."

The other apps that were still on the Android Market yesterday from Redmicapps have since disappeared. Symantec submitted a ticket to Google for removal of the Counterclank malware but Google said the apps met the Android Market terms and requirements so they have not been removed.

Symantec expects similar things to occur in the future and is in contact with the unnamed SDK vendor to get more information. µ

Tags: Security

Share this:

< Previous article| Next article >
Comments
Symanted will dead

It is a pity, but Symantec has no future in the mobile world which will dominate the earth in the next years. Not even Windows Phone (in case it becomes more than a marginal OS) resembles the old unsecure Windows. In fact it is just Symantec the new malware paradigm! (if we take into account that they try to get our money in exchange to completely unneeded services on the current mobile OSs!).

posted by : Carlos Paredes, 31 January 2012 Complain about this comment
More scareware from Symantec

Symantec makes their income by selling ineffective and overpriced "security" software to consumers. I'd take any claim they make that a given app is "malware" with a few thousand tonnes of salt, thank you very much.

posted by : Morely the IT Guy, 31 January 2012 Complain about this comment
aboutus
Advertisement
Subscribe to INQ newsletters
Click here to sign up
INQ White papers

Databases

Network management

Security

Service oriented architecture

Storage
Advertisement
INQ Jobs
INQ Poll

Facebook starts selling shares

Will you buy Facebook shares?

View other polls
Follow us:
Business & Technology websites:
Business research resources:
Products:
Investment Market IT websites:
Find out what you are worth:
Search for a job:
Recruitment Agency A-Z Directory
Accreditations: