Thursday, April 12, 2012

Malware-laden Angry Birds: Space version posted to alternative Android markets

A malware-laden version of Angry Birds: Space has made its way onto the Internet, but it's not as bad as you might think: the infected app is only available on alternate Android appstores, meaning not on the official Google Play (formerly Android Market) marketplace.

It's another example of why users should stick to at least semi-official marketplaces when installing Android apps. Of course, the rather wide-open nature of Android (meaning a non-curated app experience) is at least part of the reason for this. Unlike iOS, users can install from unofficial app stores as long as they go into their Android settings and check a box labeled "Unknown sources" (the only way around the official App Store restriction on iOS is to jailbreak a device).

The Amazon Appstore could be considered a semi-official marketplace, as is definitely trustworthy in terms of app delivery and curates their apps, as well. Sophos Labs analyst Graham Cluley detailed the malware.

Cluley did not identify the "stores" that were distributing the malware.

The Trojan Horse, called Andr/KongFu-L, uses the well-known GingerBreak exploit to gain root access to the device, and install malicious code which then communicates with a remote server to download and install more malware onto your Android smartphone.

Effectively, Sophos said, a phone infected by this malware is turned into a member of a botnet.

In addition to being cautious as to the stores a user visits, an Android user should also install an antivirus app. There are many in Google Play from reputable firms that are free, but that offer expanded services (such as remote wipe, etc.) for a premium.

Angry Birds: Space is the latest in the Angry Birds series by Rovio. It reached 10 million downloads in three days, and 20 million downloads within a week, according to the company.

No comments: