A massive Trojan botnet has been discovered in Android devices in China and this serves as a timely reminder of the growing vulnerability of the Android platform. Staggeringly, this botnet has infected more than 1 million Android devices that function in China.
The high vulnerability of Android devices in China can be put down to the numerous unlicensed third-party application sources. A majority of Android users in China download apps and games from these unlicensed sources rather than the official Google Play store (this process is known as Sideloading). Needless to say, these unverified sources carry a greater number of threats and malwares than the official channels. Moreover, many low cost Android devices in China come pre-installed with several apps and games and some of these programs contain embedded Trojans and other threats.
The botnet carries the risk of remote hijacking
This botnet has been discovered in more than 7,000 popular apps that originate from unlicensed third-party sources. Once installed, the Trojan integrates the device into the botnet and gains remote access to crucial files. As a result, it collects phone numbers, contact lists, SMS content, photos, videos, geo-location data and other private information as well. It can also download other malicious apps and adware files into the system. All these activities make the device slow, drain battery life and cause financial damage to the unsuspecting user.
Today China has more than 400 million mobile users out of which more than 150 million users function on the Android platform. Mobile Internet usage is also on the rise in the country (an increase of 18%) and it is one of the fastest growing Android markets in the world. So the potential for damage in China is immense, especially when people access unlicensed sources to download apps and games.
Precautions to take to avoid this botnet
This Trojan could potentially spread to India as well so it is essential for Android users to exercise caution. We highly recommend that Android users install a mobile security suite on their device and keep this software updated at all times. Moreover, data usage stats and call history should also be regularly monitored for any signs of suspicious activity. Apps and games ask for special permissions before they are installed so these permissions should also be scrutinized effectively.
However, the most important precaution to follow is to disable the sideloading feature completely. Google Play has a vast collection of apps and games so sideloading should only be enabled when the source is trusted and essential to derive the application from. Here are the steps to disable sideloading.
Once sideloading has been disabled from an Android device it is relatively safe from threats that exist in third-party sources. Trojans like this can originate from various outlets so it is imperative for users to maintain an updated mobile security suite and follow several safety precautions as well. We will continue to monitor this threat and inform our readers if the botnet spreads to India in the future.
25 Comments
Dear Sir,
Very good article. Follow your blog everyday.
Yes its absolutely right…
thanks 4r the compiment be helpful next time also
computer me wares problkam ho raha hai . aap k company ka softwear uploda kiya hai . fir ye probla kyo ho raha ha hai ,
pc hang ho rahah hai ?
Hi,
Please visit this link – https://www.quickheal.co.in/submitticket.asp. You can submit a ticket about your issue and our support team will contact you with a solution.
Regards.
what about Windows Phones ;)?
Also, My maths is too weak to fill captcha thus I used bot!!!!!..kidding!
Who can create such a good “bad” Trojan bot for Android except the big rivals!!!! “Epple” 😀
????
We all should follow the instruction mentioned for the Android users… Thanks.
i want required more information on this topic
Massive Android botnet invades China: Could India be the next target?
we have to protect our cell phine from viruses..
good warning. One should follow it strictly.
Sir, I am using Quick heal Mobile security and from past couple of months my mobile security is continuously giving notifications saying that “A threat requires your attention”. When i click on it & go further its says i should either uninstall or skip it. But these are softwares & live wallpapers that i have downloaded from google play(Market).I dont understand this(antivirus is upto date).
Help from an expert like you will be appreciated.
Hi Ankit,
Sometimes, certain free apps on Google Play get Trojans embedded with them in their code. It is possible that since Quick Heal is flagging these apps, there may be some malicious Trojan in them. It is advisable to remove the apps immediately. Also, kindly visit this link to submit a ticket – https://www.quickheal.co.in/submitticket.asp. Once done, our support team will contact you with a solution.
Regards.
Thanks for giving this information, it is very useful.
Thanks a lot.
Excellent note
Thank you for sharing
Thanyou so much
Thanks rahul for sharing a very crucial info with darker side of Android
I’m happy to use quick heal internet security
Thanks..
go on helping in the same manner
Its really useful information but just i want to know will QuikHeal remove this from my andriod mobile device.
Hi Mangesh,
If this botnet does in fact reach Indian devices, Quick Heal most certainly detect it and remove it from Android devices.
Regards.
Dear Sir,
good morning
Very good article. Follow your blog everyday.it was working is well.
In a country like India, lot of people are convinced by shopkeeper, who is interested in selling his stock. Never care what will happen to customer , who believe him as friend, and do whatever shopkeeper/salesman says. Unless seller is trustworthy, no one will do what is right/ not to do. Most of the leaterate people I know tends to believe to salesman rather than expert. Even after being victim , always trust the salesman. God save these people.
Real message given for our country dear thanks for the team of quick heel
thanks