UPDATE Up to a million Android users in China could be part of a large mobile botnet according to research unveiled by Kingsoft Security, a Hong Kong-based security company, this week.

The botnet has spread across phones running the Android operating system via Android.Troj.mdk, a Trojan that researchers said exists in upwards of 7,000 applications available in third-party app stores, including the popular Temple Run and Fishing Joy games.

According to reports, the strain of malware was discovered in 2011 but recent analysis has shown the botnet has ramped up infection rates and at this point might have infected one million smartphones.  

Android botnetThe botnet opens phones to remote hijacks and unauthorized purchases, according to a report by the BBC today while a separate report on China’s Xinhua News Agency [Translated] which first reported about the botnet earlier this week, claims the malware has caused some phones to randomly open “strange software” that is tricky to remove.

A similar Android botnet, Rootstrap, infected more than 100,000 devices and scammed users into sending fake SMS messages last year. That malware, much like Android.Troj.mdk, was largely confined to China and at the time was described as the largest mobile botnet documented to date. If Android.Troj.mdk has indeed spread to a million phones as Kingsoft suggests, it’s possible the botnet could soon overtake Rootstrap.

China has already proven itself to be a seemingly endless source of mobile malware and with news today that the country’s mobile users have risen 18 percent from last year to 420 million, scores of phones are being put at risk daily. 

Categories: Malware, Mobile Security

Comments (6)

  1. Larry J Seltzer
    2

    I’m pretty sure that the 7000 infected apps with Android.Troj.mdk were found in 3rd-party stores, not Google Play

  2. Anonymous
    3

    The story you link (bbc) says something completely different (NOT IN GOOGLE PLAY STORE):

    “Security firm Kingsoft Duba said last year that the Android.Troj.mdk Trojan had been found in more than 7,000 apps downloaded from non-Google-owned stores.”

    Correct the article and stop spreading FUD.

    The user has to change settings to even allow non-google apps. Those who do that should know what they do, but yeah it seems they don’t.

  3. Eeelman
    4

    Money money money… those who worship the Money God are soulless creatures unfit to even exist!

  4. Walt French
    5

    “…scores of phones are being put at risk daily.” 

    I know this was meant to sound alarmist, but PLEASE, people: even ten score a day would mean a tiny fraction of the million you claim are infected. Always difficult to get figures on this sort of thing, but you could at least indicate risk more helpfully. Such as, “perhaps as many as 1% of all Android users could be getting infected,” perhaps.

  5. Ron
    6

    My thoughts exactly, and hence why they are mostly limited to China (even past articles on slashdot.org from other sources mentioned China and the 3rd party “markets” they used, NOT the office Google Play Store

Comments are closed.