November 27, 2014

Symantec Reports On Fake Google Security Patch

Symantec is reporting today that they have found some suspicious code in a repackaged version of an app that Google recently pushed called the “Android Market Security Tool”.  It seems that some enterprising hacker got their hands on the app, injected some malicious intent, then posted it for download on an unregulated third-party market in China.

Some reports are saying that it has been spreading due to the fact that people are taking it upon themselves to get the Google app instead of waiting for it, and have found the repackaged false app as a result.  A quote from the Symantec article talks about the threat:

Symantec has identified suspicious code within a repackaged version of the “Android Market Security Tool”. This package was found on an unregulated third-party Chinese marketplace. This threat seems to be able to send SMS messages if instructed by a command-and-control server located at the following address:

hxxp://www.youlubg.com:81/Coop/request3.php

Watch what you are downloading out there, keep your Android safe!



  • Jimmy Dingo

    Is this the traditional bug source similar to PC’s? Apple fanboys or employees paid bounties to write malicious software, but now expanding to the Android?