Symantec Reports On Fake Google Security Patch

Symantec is reporting today that they have found some suspicious code in a repackaged version of an app that Google recently pushed called the “Android Market Security Tool”.  It seems that some enterprising hacker got their hands on the app, injected some malicious intent, then posted it for download on an unregulated third-party market in China.

Some reports are saying that it has been spreading due to the fact that people are taking it upon themselves to get the Google app instead of waiting for it, and have found the repackaged false app as a result.  A quote from the Symantec article talks about the threat:

Symantec has identified suspicious code within a repackaged version of the “Android Market Security Tool”. This package was found on an unregulated third-party Chinese marketplace. This threat seems to be able to send SMS messages if instructed by a command-and-control server located at the following address:

hxxp://www.youlubg.com:81/Coop/request3.php

Watch what you are downloading out there, keep your Android safe!

Now in our tenth year, AndroidGuys offers daily news, reviews, editorials, and tutorials. Articles listed under this byline are comprised of those written by current and former employees of AndroidGuys as well as guest contributors and sponsors.
  • Jimmy Dingo

    Is this the traditional bug source similar to PC’s? Apple fanboys or employees paid bounties to write malicious software, but now expanding to the Android?