updated 3/14/2011 2:14:10 PM ET 2011-03-14T18:14:10

Another hidden piece of malware aimed at Android phones has been discovered, again in China.

The HongTouTou or ADRD Trojan looks a lot like the Geinimi bug that turned up in the People’s Republic in December, but bears enough differences that most security vendors are giving it its own name.

The Trojan arrives hidden in a third-party app that Android owners download “off-road,” outside the approved channels such as the Android Marketplace.

Unauthorized Android app stores frequently offer familiar apps such as the popular game Robo Defense, but in some cases the games have been “repackaged” to include malware.

When you run an app containing HongTouTou, it “dials home” and sends the unique IDs of your phone and your SIM card to a remote host. From that host, the Trojan receives a set of keywords, and then starts sending queries using those keywords to Chinese-language search engines, possibly to generate advertising clicks for customers unknown.

HongTouTou also has the capability to turn your phone’s Internet access on and off, to write to the external storage card and to update itself with even more abilities, though researchers don’t think the last feature has been used yet.

Like Geinimi, this Trojan is mostly limited to the Chinese-language market. But all Android users should be wary of installing apps that come from outside the Android Marketplace or other officially approved stores. You can set your Android phone ’s settings to disable installation of apps from “unknown sources.”

© 2012 SecurityNewsDaily. All rights reserved


Discussion comments


Most active discussions

  1. votes comments
  2. votes comments
  3. votes comments
  4. votes comments