First Malicious Use of ‘Master Key’ Android Vulnerability Discovered

July 25, 2013 in Android, News, Security by admin

android-logo“Norton Mobile Insight—our system for harvesting and automatically analyzing Android applications from hundreds of marketplaces—has discovered the first examples of the exploit being used in the wild. Symantec detects these applications as Android.Skullkey.”

We found two applications infected by a malicious actor. They are legitimate applications distributed on Android marketplaces in China to help find and make doctor appointments.

An attacker has taken both of these applications and added code to allow them to remotely control devices, steal sensitive data such as IMEI and phone numbers, send premium SMS messages, and disable a few Chinese mobile security software applications by using root commands, if available.

Update [July 24, 2013] – We have discovered four additional Android applications infected by the same attacker and being distributed on third-party app sites. The apps are a popular news app, an arcade game, a card game, and a betting and lottery app. All of these apps are designed for Chinese language users.

We have also determined Android.Skullkey will send a text message to all your contacts with a link to a mobile game at hldc.com. This site is currently down.

For the entire article please follow this link.