Symantec 針對 Android Market 的監測發現,近期出現一種新的惡意軟體大規模侵襲 Android 裝置,提醒使用者在 Android Market 下載應用程式時小心謹防。Symantec 將該惡意軟體稱為 Android.Counterclank,是去年六月發現的 Android.Tonclank 變種,同樣以木馬形式竊取設備上的資訊,並且將自己偽裝成合法的應用程式,誘使用戶下載安裝,目前估計受影響的人數已高達100至500萬人。雖然 Google 很快把這些惡意軟體強制拉下架,但有部分已經在 Android Market 中存活至少一個月時間,為求自保,建議各位核對一下 Symantec 提供的惡意軟體名單,若發現已安裝請馬上移除。
全部都冇!!
全部都冇!! too
Webmaster请更新一下,因为赛门铁克最新的内容在这里:http://www.symantec.com/connect/blogs/update-androidcounterclank
这些软件只是广告的SDK,因为被赛门铁克怀疑,而且原来塞厂发的新闻有问题,后来他们撤掉原文重新写了。这些软件并没有病毒问题。
可騎劫瀏覽器 / 改動首頁、將用戶的書簽和其他資訊上傳至目標server
…After receiving this information, the code will wait for a command. Commands of interest include:
ACTIVATION – Causes a webpage to be displayed. The feature appears to be designed to display a webpage with a EULA (end-user license agreement), but our testing was unable to reproduce applications showing such a page.
HOMEPAGE – Sets the browser’s homepage.
BOOKMARKS – Create or request bookmarks. In our testing, we have seen this feature actively used to send all the bookmarks of a device to apperhand.com
SHORTCUTS – Create shortcuts on the home screen.
The homepage, bookmarks, and shortcuts may be sent to the following domain:
http://searchwebmobile.com/search?sourceid=1&app=UNIQUE APPLICATION ID]
Searchwebmobile.com belongs to a third party, Infospace, who provides monetary compensation to applications redirecting search queries through their website.