Symantec claims to have found a string of “malicious” applications in the Android app store that resemble botnets.
According to a blog post by the company, these applications are pushing out a type of malware called Android.Counterclank, which is said to be related to a botnet-like virus called Android.Tonclank. Botnets generally extend from a commanding device, which then takes control of other devices via spam messages. On mobile, this control can be achieved through malicious applications.
Symantec says that Android.Counterclank has already affected 1000’s and considers its damage level to be a “medium,” for stealing personal information off of the phone. Thus far the company has isolated 13 potentially harmful applications in the Android Marketplace. The majority of which seem to be gaming applications as well as porn or applications with explicit content.
Mobile security firm Lookout Mobile, however, does not believe these applications to be malicious or botnet-like.
“Some companies are calling this a botnet or malware. Lookout has some concerns about the functionality, however at this time, and as far as we can tell, it does not meet the standard to be classified as malware or a ‘bot,'” said a Lookout Mobile spokesperson in an e-mail. “Consumers should take these apps very seriously as they appear to tread on privacy lines, but they are not necessarily malicious.”
Mobile botnets recently made Lookout Mobile’s threat predictions for 2012. The tactic thankfully hasn’t been used to its full potential yet, but some small scale botnets have already been detected. In 2011, Lookout Mobile found a botnet string called Geinimi originating out of China. This malware was able to receive commands from a remote server, as well as extract information from your phone, and attempt to infect others using your phone.
The company also warns that most common carriers of mobile malware are gaming and porn applications, which make up Android.Counterclank’s roster. See Symantec’s list of infected apps below: