Google Android OS Trojan virus hits 100K devices in China

Trojan malware has hit 100,000 devices using the Google Android operating system (OS) in China, say security researchers.

The Trojan, dubbed MMarketPay.A, is designed to purchase apps and content without the consent of the device user, running up high mobile bills.

Researchers from security firm TrustGo said 10 China-based Android marketplaces have so far been infected with the Trojan, which can be hidden in applications which appear legitimate.

Code analysis reveals the MMarketPay.A Trojan can bypass SMS and CAPTCHA-based verification techniques used by some Android app market places.

The main source of Android-specific malware is the cloning, repackaging and modification of popular apps with intentionally malicious code, the TrustGo researchers said.

“The ease and speed that malicious apps can be developed and distributed to unsuspecting users is one of the fastest growing security concerns,” said Xuyang Li, CEO of TrustGo.

The security firm advises uses of Android devices to download and install a mobile security app with real-time scanning capability before downloading or updating popular apps.

According to TrustGo, most mobile malware is currently found in applications that originate from and attack third-party markets in China and Russia.

However, security industry representatives say there has been a marked increase in Android malware around the world as the Google OS has grown in popularity.

As recently as last week, researchers reported evidence that Google Android OS smartphones are being hijacked by a botnet that sends spam to contacts stolen from targeted mobile devices.

"Android is where the action is," said Cesare Garlati, vice-president of mobile security at security firm Trend Micro.

Android will be the most exploited mobile platform in 2012, he told attendees of a regional interest group meeting of the European association for e-identity and security (eema) in Slough.

Although the latest version of Android has introduced improved security, such as enabling encryption, there is still no firewall capability and 90% Google Play downloads are to devices running earlier, less secure versions of Android, Cesare Garlati said.