Massive Android botnet invades China: Could India be the next target?


A massive Trojan botnet has been discovered on Android devices in China, a timely reminder of the growing vulnerability of the Android platform. Staggeringly, this botnet has infected more than 1 million Android devices in China.

The high vulnerability of Android devices in China can be put down to the numerous unlicensed third-party application sources. A majority of Android users in China download apps and games from these unlicensed sources rather than the official Google Play store (this process is known as sideloading). Needless to say, these unverified sources carry a greater number of threats and malware than the official channels. Moreover, many low-cost Android devices in China come pre-installed with several apps and games, and some of these programs contain embedded Trojans and other threats.

The botnet carries the risk of remote hijacking
This botnet has been discovered in more than 7,000 popular apps that originate from unlicensed third-party sources. Once installed, the Trojan integrates the device into the botnet and gains remote access to crucial files. It then collects phone numbers, contact lists, SMS content, photos, videos, geo-location data and other private information. It can also download other malicious apps and adware files onto the device. All these activities make the device slow, drain battery life and cause financial damage to the unsuspecting user.

Today China has more than 400 million mobile users, of whom more than 150 million use the Android platform. Mobile Internet usage is also on the rise in the country (an increase of 18%) and it is one of the fastest growing Android markets in the world. So the potential for damage in China is immense, especially when people access unlicensed sources to download apps and games.

Precautions to take to avoid this botnet
This Trojan could potentially spread to India as well, so it is essential for Android users to exercise caution. We highly recommend that Android users install a mobile security suite on their device and keep this software updated at all times. Data usage stats and call history should also be monitored regularly for any signs of suspicious activity. Apps and games ask for special permissions before they are installed, so these permissions should also be scrutinized carefully.


However, the most important precaution is to disable the sideloading feature completely. Google Play has a vast collection of apps and games, so sideloading should only be enabled when the source is trusted and it is essential to obtain the application from that source. Here are the steps to disable sideloading.

  1. Go to Settings
  2. Go to Security or Applications/Applications Manager (in case of older Android versions)
  3. Uncheck the box next to Unknown sources to disallow apps from third-party sources

Once sideloading has been disabled on an Android device, the device is relatively safe from threats that exist in third-party sources. Trojans like this can originate from various outlets, so it is imperative for users to maintain an updated mobile security suite and follow several safety precautions as well. We will continue to monitor this threat and inform our readers if the botnet spreads to India in the future.

Rahul Thadani



25 Comments


  1. Pooja chinchpokli, January 22, 2013 at 10:54 AM

    Dear Sir,

    Very good article. Follow your blog every day.

  2. alakhananda ston &quarry, January 22, 2013 at 11:55 AM

    I am having a virus problem on my computer. I have installed your company's software. Then why is this problem happening? Why is the PC hanging?

  3. What about Windows Phones ;)?

    Also, my maths is too weak to fill captcha thus I used bot!!!!!..kidding!

  4. We all should follow the instruction mentioned for the Android users… Thanks.

  5. I want more information on this topic.

  6. Massive Android botnet invades China: Could India be the next target?

    We have to protect our cell phone from viruses.

  7. Good warning. One should follow it strictly.

  8. Sir, I am using Quick Heal Mobile Security and for the past couple of months my mobile security has been continuously giving notifications saying that “A threat requires your attention”. When I click on it and go further it says I should either uninstall or skip it. But these are softwares and live wallpapers that I have downloaded from Google Play (Market). I don't understand this (antivirus is up to date).

    Help from an expert like you will be appreciated.

    • Rahul Thadani, January 23, 2013 at 10:31 AM

      Hi Ankit,
      Sometimes, certain free apps on Google Play get Trojans embedded with them in their code. It is possible that since Quick Heal is flagging these apps, there may be some malicious Trojan in them. It is advisable to remove the apps immediately. Also, kindly visit this link to submit a ticket – https://www.quickheal.co.in/submitticket.asp. Once done, our support team will contact you with a solution.
      Regards.

  9. Thanks for giving this information, it is very useful.

  10. Thanks a lot.

  11. Excellent note
    Thank you for sharing

  12. rajnish kumar, January 25, 2013 at 1:48 PM

    Thank you so much

  13. Thanks Rahul for sharing a very crucial info with darker side of Android

  14. I’m happy to use Quick Heal Internet Security
    Thanks..

  15. abhishek soni, February 4, 2013 at 11:09 PM

    Go on helping in the same manner

  16. It's really useful information but I just want to know, will Quick Heal remove this from my Android mobile device?

    • Rahul Thadani, February 5, 2013 at 10:23 AM

      Hi Mangesh,
      If this botnet does in fact reach Indian devices, Quick Heal will most certainly detect it and remove it from Android devices.
      Regards.

  17. Dear Sir,
    Good morning.
    Very good article. Follow your blog every day. It was working well.

  18. In a country like India, a lot of people are convinced by the shopkeeper, who is interested in selling his stock. Never care what will happen to the customer, who believes him as a friend, and does whatever the shopkeeper/salesman says. Unless the seller is trustworthy, no one will do what is right/not to do. Most of the literate people I know tend to believe the salesman rather than the expert. Even after being a victim, always trust the salesman. God save these people.

  19. Rakesh mishra, February 6, 2013 at 10:04 AM

    Real message given for our country, dear. Thanks to the team of Quick Heal.

    Thanks