Symantec discovers botnet targeted at Chinese users

Symantec discovers botnet targeted at Chinese users

Symantec, widely known for their Norton antivirus software, has just released a blog post that caught our attention, and it might even worry you as well. Apparently, Symantec has discovered a botnet that’s aimed at Chinese users on two specific networks (although the names of said networks weren’t mentioned). You can take a look at the extensive post by Symantec, but essentially, it’s bundled into a normal application, one that’s not on the Android Market as we suspect that Google would catch something like this.

Basically, once the application is installed, a clean version of the software, along with a “malicious application,” are installed. The latter, Android.Bmaster, then triggers a connection between the infected phone and a remote server, where the initial application downloads an APK. This APK, a Remote Administration Tool (RAT), begins running, which allows the server to issue commands to the device itself. The malware can then send user data to the server, including IMEI numbers, IMSI numbers, Cell IDs, area codes where the phone was pinged recently, and mobile network codes.

According to Symantec, this vicious malware has been available since September of 2011, and the infected devices appear to be in the hundreds of thousands. Not only that, it’s also somehow gaining revenue from each device. Android.Bmaster is generating $1,600 to $9,000 per day, and if those numbers continue, it could earn over $547,000 per year. There’s no clear path as to what Symantec (or the Chinese carriers whose devices are infected) plan to do about this malware, but we’ll keep you posted if any new information comes in.

So is anyone surprised by this malware? Do you think more should be done to protect Android users from such attacks? Let us know by leaving a comment!

About author

Justin Marden
Justin Marden 488 posts

I've been an Android fanboy since day one, but I've never had a chance to truly express my voice and be a part of the Android Community. When AndroidGuys starting accepting applications for interns, I saw my opportunity. I joined the AndroidGuys team and haven't looked back!

You might also like

News and Rumors

Moto 360 expected at September 4 press event

Motorola’s foray into Android Wear and the world of smartwatches is expected to get officially underway on September 4. At least that’s what we’re gathering from the preliminary press invitation

News and Rumors

LG LU2300 Details Emerging

Details are starting to emerge (translated) about a forthcoming Android-based smart phone from South Korean handset maker LG.  From the sounds of it, the LU2300 will fit well with some

News and Rumors

ADC2: What Are Your Top Picks so Far?

The winners of the Android Developers Challenge 2 are scheduled to be announced later today so I wanted to do a last minute poll.  As we know, the criteria each

7 Comments

  1. Leif
    February 08, 17:52 Reply

    Well, the other Website Symantec linked says enough: 
    “Though this requires user consent, if such consent is given”

    When people click on stuff they don’t read it’s their own fault.

    • Anonymous
      February 09, 00:26 Reply

      hey that normal app must be really worth it

  2. Icc85
    February 09, 10:36 Reply

    Man this what the third time SYMC has cried wolf. The the two other times they were flat wrong. I have about as much trust in SYMC as I do with those guys selling real rolex watches for 290 bucks.they just need to step away from Android OS if this on turns out to be wrong.

Leave a Reply