Sign in with
Sign up | Sign in

Android Botnet Claims 1 Million Victims in China

By - Source: Xinhua | B 28 comments

Trojan-based attack hidden in over 7,000 apps, including popular games such as Temple Run.

Security researchers have discovered a vast Android-related mobile botnet in China that has affected over one million victims.

The attack, based on a Trojan, affects Google's Android platform by being hidden in more than 7,000 apps. That includes popular games such as Temple Run and Fishing Joy.

Once the botnet is installed, the attacker can remotely control the victim’s smartphone, consequently allowing them to steal data, download additional apps and integrate adware.

The ‘Andorid.Troj.mdk’ Trojan itself was discovered back in 2011 by security firm Kingsoft Duba. However, with Android dominating the Chinese market during 2012, a lack of awareness over mobile security threats from new mobile owners has allowed the botnet to infect over one million users.

Meanwhile, SpamSoldier, a similar Android malicious mobile application is confined to the U.S. During the third quarter of 2012, Android malware surged by a considerable amount.

Discuss
Display all 28 comments.
This thread is closed for comments
Top Comments
  • 13 Hide
    JackFrost860 , January 20, 2013 12:45 AM
    I was a big fan of Android and i used a GS2 for almost two years; but the security model of Android of unverified apps being uploaded to the Play Store every day is just tacking the platform to a perfect storm; news reports like these are just the beginning. Android needs to start charging for uploading apps to the Play store like Microsoft and Apple do, and the money spent of reviewing the code before releasing it to the customer base.
Other Comments
  • 0 Hide
    A Bad Day , January 20, 2013 12:08 AM
    Yeah, I don't think that attack was sponsored by the government...

    Maybe China would invest a little more into cracking down on the Mob hackers?

    (I call them "Mob" because many professional hackers work together, just like criminal gangs)
  • 13 Hide
    JackFrost860 , January 20, 2013 12:45 AM
    I was a big fan of Android and i used a GS2 for almost two years; but the security model of Android of unverified apps being uploaded to the Play Store every day is just tacking the platform to a perfect storm; news reports like these are just the beginning. Android needs to start charging for uploading apps to the Play store like Microsoft and Apple do, and the money spent of reviewing the code before releasing it to the customer base.
  • -9 Hide
    otacon72 , January 20, 2013 12:48 AM
    JackFrost860I was a big fan of Android and i used a GS2 for almost two years; but the security model of Android of unverified apps being uploaded to the Play Store every day is just tacking the platform to a perfect storm; news reports like these are just the beginning. Android needs to start charging for uploading apps to the Play store like Microsoft and Apple do, and the money spent of reviewing the code before releasing it to the customer base.


    Uh oh...you said something bad about Android..be prepared to get thumbed down..lol Android has more security holes than Swiss cheese.
  • -9 Hide
    Anonymous , January 20, 2013 12:57 AM
    Android has no security holes than the iraqi navy* Fixed
  • 8 Hide
    A Bad Day , January 20, 2013 1:08 AM
    JackFrost860I was a big fan of Android and i used a GS2 for almost two years; but the security model of Android of unverified apps being uploaded to the Play Store every day is just tacking the platform to a perfect storm; news reports like these are just the beginning. Android needs to start charging for uploading apps to the Play store like Microsoft and Apple do, and the money spent of reviewing the code before releasing it to the customer base.


    However, Google still has to walk a fine line between setting the flood gates to "full open" and being a tyrant about selecting which stuff to approve.

    When the first iPhones came out, a company got screwed over by Apple when Apple's review committee took over three years to approve their preemptively heavily marketed app.

    By the time the app was available on the market, the new iPhones already included the app's feature.

    Ouch...
  • -4 Hide
    house70 , January 20, 2013 1:37 AM
    Meh. I'm still in charge of my phone. I can keep it tight and secure, or I can open it up to whatever dubious apps I want. It's up to me.
  • 1 Hide
    expressionate , January 20, 2013 1:46 AM
    Will an Antivirus like Avast help to protect my phone?
  • 3 Hide
    A Bad Day , January 20, 2013 1:49 AM
    house70Meh. I'm still in charge of my phone. I can keep it tight and secure, or I can open it up to whatever dubious apps I want. It's up to me.


    You have no idea how many people social engineering can dupe, and how many of those people thought they were being smart.

    expressionateWill an Antivirus like Avast help to protect my phone?


    Well, smartphones are essentially ultra-mobile computers. Better safe than sorry.
  • 3 Hide
    madjimms , January 20, 2013 2:04 AM
    enmass90Android has no security holes than the iraqi navy* Fixed

    *facepalm*
  • 2 Hide
    sundragon , January 20, 2013 2:29 AM
    A Bad DayHowever, Google still has to walk a fine line between setting the flood gates to "full open" and being a tyrant about selecting which stuff to approve.When the first iPhones came out, a company got screwed over by Apple when Apple's review committee took over three years to approve their preemptively heavily marketed app. By the time the app was available on the market, the new iPhones already included the app's feature.Ouch...


    Care to post a link to that app, just asking to cite your sources...

    Ouch
  • 0 Hide
    A Bad Day , January 20, 2013 3:11 AM
    During my Introduction to Computer Concepts (state mandated high-school class), we were shown a rather dated CBS (I think) documentary on the iPhone, what made it so influential, and how were developers building apps and submitting them to be reviewed. The DVD documentary was published after Apple reached its 1 billion app mark.

    The company submitted an app that had to do with "enhancing communication" (don't fully remember), and proceeded to run advertisements in anticipation of their app being approved quickly.

    However, a group of indie developers got lucky that their app was approved within 3 months.
  • -1 Hide
    ccovemaker , January 20, 2013 5:04 AM
    1) I would rather have the freedom to install what I want on my phone vs Apples walled garden big brother knows best approach.
    2) China's population is now 1.3 billion. That means .07% of the Chinese people were affected by this. "Oh noes Androidz is broke!!" This is not news. More Zak based Apple propaganda.
  • 2 Hide
    fuzzion , January 20, 2013 5:05 AM
    Isnt it a coincidence that at the time of this report Apple says China will be its greatest market?
  • -4 Hide
    sundragon , January 20, 2013 5:11 AM
    ccovemaker1) I would rather have the freedom to install what I want on my phone vs Apples walled garden big brother knows best approach.2) China's population is now 1.3 billion. That means .07% of the Chinese people were affected by this. "Oh noes Androidz is broke!!" This is not news. More Zak based Apple propaganda.


    You've gotta be kidding?! Allowing 7,000 applications to have a trojan is short of criminal. If you were to replace Android App Store with Apple App Store, you'd be writing a totally different comment... This is sh*tty for Android users! Go blamestorm elsewhere! This forum is full of rabid angry Android fans that make excuses for everything...

    Sent from my Nexus 7
  • 2 Hide
    mugiebahar , January 20, 2013 5:58 AM
    I agree that something needs to be done. I use my iPhone for work and S3 for play (yes I not need 2 phones my wife yells at me all the time so I get it) but if MS had that many Trojans running loose and not fixed everyone would be yelling at the top of their voice.
  • 0 Hide
    The_Trutherizer , January 20, 2013 7:05 AM
    There's a lot of personal data there. It was maybe quite naive to think it would not be exploited to its full extent. App management and security in smartphones is completely stacked in favour of 'legitimate' software vendors that want your data. If you ask me then its likely that these guys are just piggy backing so that's what all the fuss is about.

    So anyway. I have yet to see a mobile device operating system that brings the lessons learned from the PC into smartphones. It's just not really there for the consumer yet.
  • 1 Hide
    olaf , January 20, 2013 7:52 AM
    Yeah why don't i believe that over 1milion people got there phone infected from the Play Store? Stop downloading and installing apps from shady sites and then your golden, don't tell me that this comes as news to you after 20+ years of internet availability ...
  • 4 Hide
    contentsmayvary , January 20, 2013 9:30 AM
    /facepalm at all the people thinking these infections came from the Play store. They don't - they come from sideloaded apps - often "free" versions of apps that you have to pay for on the Play store.
  • 6 Hide
    Anonymous , January 20, 2013 10:29 AM
    Infected users DID NOT USE THE GOOGLE PLAY STORE TO OBTAIN THE INFECTED APP........ The same thing would (and would) happen to iPhone users if they used a 3rd party store to purchase and download software.

  • 1 Hide
    khha4113 , January 20, 2013 2:02 PM
    sundragonYou've gotta be kidding?! Allowing 7,000 applications to have a trojan is short of criminal. If you were to replace Android App Store with Apple App Store, you'd be writing a totally different comment... This is sh*tty for Android users! Go blamestorm elsewhere! This forum is full of rabid angry Android fans that make excuses for everything...Sent from my Nexus 7

    Why does this widespread in China? Because most of infected phones there download pirated games from suspicious sites in CHINA not Google Play. Remember Google tried to prevent Acer and what it's called "Alibaba" create an like-Android phone?
Display more comments
Tom’s guide in the world
  • Germany
  • France
  • Italy
  • Ireland
  • UK
Follow Tom’s guide
Subscribe to our newsletter