Sign in with
Sign up | Sign in

Android Trojan Tells Contacts You're a Pirate

By - Source: Symantec | B 32 comments

A trojan is posing as an actual Android Market app that will spam the user's contact list with an embarrassing SMS.

Symantec reports that Android.Walkinwat is the first mobile phone threat of its kind to actually discipline users that are downloading non-Market Android apps from apk repositories. The trojan is presented as a non-existent version of Walk and Text (v1.3.7), a legitimate app that's currently available on the Android Market.

"Android.Walkinwat can be found on several renowned file sharing websites throughout North America and Asia," Symantec said. "One could make the case that this app was intentionally spread in these regions by the creators of the threat in order to maximize the download prevalence and convey their message to as large an audience as possible, however one could also make the case the creator of Android.Walkinwat is attempting to undermine the publisher of Walk and Text."

Symantec said that once the user downloads and installs the unofficial app, it pretends to apply a fake crack when in essence it's actually gathering all the user's information. It then transfers the sensitive package to an external server while also sending out SMS messages to all contacts on the phone's contact list. On Android, that usually means everyone listed on Google Contacts containing a mobile number.

"Hey, I just downloaded a pirated App off the Internet, Walk and Text for Android," the SMS message reads. "Im stupid and cheap, it costed only 1 buck. Don't steal like I did!"

"Interestingly enough, the Trojan performs the above set of actions in a routine of Android.Walkinwat called 'LicenseCheck,' something traditionally used by legitimate apps for license management in conjunction with a Licensing Verification Library available for the Android platform to help prevent piracy," Symantec added. "The authors of the malicious code have taken an extra step to make sure that their app was obfuscated, which is another recommended measure to prevent piracy."

The fake app doesn't do anything else once it gathers evidence and sends out the embarrassing messages, only closing with a pop-up labeled as Application Not Licensed. "We really hope you learned something from this," the message reads. "Check your phone bill. Oh, and don't forget to buy the App from the Market."

It wouldn't be surprising if this app was created by the original team behind the official Walk and Text app.

Discuss
Ask a Category Expert

Create a new thread in the Streaming Video & TVs forum about this subject

Example: Notebook, Android, SSD hard drive

This thread is closed for comments
  • 5 Hide
    lasaldude , March 31, 2011 6:47 PM
    My friends would be like "Yeah?? So??? We already know you do that. You taught and showed us how to be free also!"
  • -5 Hide
    osxsier , March 31, 2011 6:50 PM
    lmao! Android is a joke right now...and Google is closing it further. But that is pretty funny...buy the app you cheap bastards!
  • 3 Hide
    johnh2005 , March 31, 2011 7:00 PM
    That is absolutely brilliant. I am guessing that the makers of Walk and Text made this and distributed it to the torrent sites. Brilliant. Just Brilliant. I would get a heck of a laugh from this. I will make sure not to torrent it though as I do have quite a few contacts I would not want knowing that I sometimes go... YARR!!!!!
  • Display all 32 comments.
  • 0 Hide
    garyshome , March 31, 2011 7:00 PM
    iMAGINE THAT APP WRITERS WRITING TROJANS? Who would heve ever thoght? What is this world commong to?
  • 0 Hide
    mdillenbeck , March 31, 2011 7:06 PM
    Lets hope this isn't a bit of revenge by the developers. After all, writing a virus - even a well intentioned one meant to help enforce the law and embarrass lawbreakers - is still writing a virus. I believe many countries have legal codes about engaging in such activities. Additionally, there is an intent to cause financial harm by hoping they are not on an unlimited SMS plan.
  • -8 Hide
    southernshark , March 31, 2011 7:18 PM
    Android is full of fail, why anyone would buy one of those phones is beyond me.
  • 2 Hide
    Anomalyx , March 31, 2011 7:41 PM
    southernsharkAndroid is full of fail, why anyone would buy one of those phones is beyond me.

    Because it is way more secure than iOS. Yes, you read that correctly. Look at the results of the most recent Pwn2Own event before you even think about replying to this.

    Any platform can be compromised if you install malicious software on it, even the almighty Linux. This shouldn't take anything more than a grade-school education to understand. Just because you aren't smart enough to figure out that random pirated apps may be malicious doesn't mean that the rest of us should live in Apple's walled garden, being disallowed from installing anything they didn't approve.

    Personally, I'd rather own a feature(less) phone with nothing more than a 10-key pad than own an iPhone. Then again, I buy a phone for functionality, not because "it makes me look cool".
    Hint: iPhone doesn't really make you look cool, people just think it does.
  • 0 Hide
    igot1forya , March 31, 2011 7:49 PM
    Last I checked, Google leaves the option to install Non-Market apps up to the end user... why anyone would throw a hissy-fit over something that adds greater freedom is beyond me. Btw, the Market it's self is FULL of Trojans, but those apps serve you advertisements rather than virus'- thank goodness for the user feedback, else the Market would be a total loss.

    I may be biased though, I love my Android device(s)
  • 0 Hide
    ProDigit10 , March 31, 2011 7:59 PM
    android is linux based, and in my opinion should allow developers to develop open source apps, for free. I don't want to pay for an app, that once you buy it, does not seem to be what you needed it to be.
  • 0 Hide
    mistert , March 31, 2011 8:01 PM
    Android phones are great but this is not about my phone vs your phone. We will leave that to the playground.
    Now that I have seen this article I would not install this app on my phone even if I bought if from the Marketplace. How could you trust the authors did not put some other unwanted code in the app. While I don't disagree with them trying to protect their work, I do disagree with their tactics which shows a tendency to deceive.
  • 0 Hide
    milktea , March 31, 2011 8:12 PM
    First off, someone or some developer needs to stand up and be the first to teach those unofficial app users a lesson. So +1 for Walkinwat dev.

    Second, since the app was obtained illegally, the author is no longer liable for any damages done to the phone or to the user. There's no license to protect the app user in this case.
  • 0 Hide
    christop , March 31, 2011 8:40 PM
    arrrrgh I am a pirate good call mateee!!!
  • 0 Hide
    MxM , March 31, 2011 9:15 PM
    milkteaFirst off, someone or some developer needs to stand up and be the first to teach those unofficial app users a lesson. So +1 for Walkinwat dev.Second, since the app was obtained illegally, the author is no longer liable for any damages done to the phone or to the user. There's no license to protect the app user in this case.

    Why is it illegally obtained app? Are you saying exactly the same app with exactly the same functionality (i.e. send those text messages) are on Android Market?
  • 0 Hide
    Vampyrbyte , March 31, 2011 9:17 PM
    milkteaFirst off, someone or some developer needs to stand up and be the first to teach those unofficial app users a lesson. So +1 for Walkinwat dev.Second, since the app was obtained illegally, the author is no longer liable for any damages done to the phone or to the user. There's no license to protect the app user in this case.


    Seeing as this 'App' was designed, and presumably deliberately distributed by the means of a torrent. That is a legitimate way of obtaining it. The Authors are liable and have committed a crime by doing this. I hope they get their asses sued out of their pants so hard they can never shit themselves again.
  • 1 Hide
    soldier37 , March 31, 2011 9:21 PM
    My contacts already know I am one, they are pirates too since I showed them all how to. oh and Iphone FTW.
  • 0 Hide
    mikem_90 , March 31, 2011 9:42 PM
    o/^ Download what you want, 'cause the App is not free.. YOU ARE A PIRATE! o/^
  • 0 Hide
    Anonymous , March 31, 2011 9:53 PM
    At Vampire and MxM, while the trojan app is probably acquired legally due to it being distributed, those that get infected by it are doing so because they are attempting to obtain an illegal copy of a legitimate app. I agree with milktea, good job to the author.
  • 0 Hide
    bv90andy , March 31, 2011 10:02 PM
    A risky thing they did there... of course those devs will be the first under suspicion... and writing viruses, especially ones that use your network to send unwanted messages, is illegal.
    On the other hand some hacker/ex-employee at that company may have deliberately done this to get them in trouble..
  • -1 Hide
    irh_1974 , March 31, 2011 10:06 PM
    AnomalyxHint: iPhone doesn't really make you look cool, people just think it does.

    And white headphones just shout "mug me"
  • 1 Hide
    kinggraves , March 31, 2011 11:37 PM
    I wonder how many of those people are going to get that text and say:
    "Hey,,,can you show me how to pirate it too?"

    One of the best successful anti piracy measures is actually ignorance. If people realized how easy it is to get things for free, they probably wouldn't be paying for them either.

    Good work.
Display more comments
Tom’s guide in the world
  • Germany
  • France
  • Italy
  • Ireland
  • UK
Follow Tom’s guide
Subscribe to our newsletter