updated 3/10/2011 12:29:14 PM ET 2011-03-10T17:29:14

Just four days after Google began erasing the data-stealing Android malware called “DroidDream” from users’ smart phones, online criminals have hijacked and retooled Google’s own security update in order to keep the scam going.

Researchers at the security firm Symantec reported Wednesday that they had found a corrupted version of Google’s own Android Market Security Tool on an unregulated third-party Chinese app market.

The real Android Market Security Tool, pushed out to Android users March 6 , removed the DroidDream Trojan from the hundreds of thousands of infected Android devices.

The corrupted one contains another Trojan that sends users’ text messages to a remote command-and-control server. Its other features are still being analyzed by Symantec.

Google brought out its Android Market Security Tool after 58 Android apps were found to secretly harbor the malicious DroidDream, which allowed attackers to steal a phone’s handset and user IDs and download rogue code from remote servers.

Google removed the infected apps from the Android App Market March 1.

© 2012 SecurityNewsDaily. All rights reserved


Discussion comments


Most active discussions

  1. votes comments
  2. votes comments
  3. votes comments
  4. votes comments