Lookout Mobile Security Identifies a Third Iteration of DroidDream Light (Malware Threat)

If there’s one thing you can say about the guys behind the DroidDream Lite malware attacks it’s that they are persistent.  Lookout Mobile Security has identified a third round of the malware affected a very small number of Android handsets, however the threat has been removed.  Again.  And for now.  Downloads are reported to be in the range of 1,000-5,000 and came on the backside of apps from a developer known as Mobnet.

For those of you who don’t have Lookout on your phone (shame on you), you’ll be wise to look through your apps to see if you have one of these four titles.  

  • Quick FallDown
  • Scientific Calculator
  • Bubble Buster
  • Best Compass & Leveler

Lookout advises that there is an other app in the Android Market with a very similar name in Best Compass & Leveler.  Please double check the package name of the app to determine if you are affected.  

  • GOOD: com.gb.compassleveler
  • BAD: com.gb.CompassLeveler

As always, if you did have Lookout on your Android device, you’re safe and sound.

For those not aware of what DroidDream Lite does, here’s what Lookout has to say about it.

Malicious components of DroidDream Light are invoked on receipt of a  android.intent.action.PHONE_STATE intent (e.g. an incoming voice call).  DroidDream Light is not, therefore, dependent on manual launch of the installed application to trigger its behavior.  The broadcast receiver immediately launches the <package>.lightdd.CoreService which contacts remote servers and supplies the IMEI, IMSI, Model, SDK Version and information about installed packages.  It appears that the DDLight is also capable of downloading and prompting installation of new packages, though unlike its predecessors it is not capable of doing so without user intervention.



Best Sellers from Our Store

About author

Scott Webster
Scott Webster 6776 posts

Scott has been running AndroidGuys since 2007 and loves nothing more than reading up on the latest smartphone rumors. His other mobile efforts can be found on Android Update (CNET) where he covers Google's mobile platform.

  • http://twitter.com/udnaan Adnan

    Finally I have something to do with the dual core processor, run antivirus on it. 

    Seriously AndroidGuys, promoting an antivirus? This culture and so called implication that everyone needs one, needs to end with windows. 

    • Chuck56

      Look, an iTard!

      • Mikey

        Gold =)