Security Bytes

Mar 31 2011   7:12PM GMT

Symantec outs Android vigilante app justice


By Ryan Cloutier, Contributor

New among the rapidly growing mobile malware landscape is Android.walkinwat; however, instead of the usual black hat aims of normal malware this version seeks to deter victims from downloading pirated software.

Walkinwat attracts victims by posing as a version of a legitimate app in off label versions of Android app stores and the infected application is available on several prominent file sharing websites throughout North America and Asia. The real app, Walk and Text, is available in the Google approved app store.

Upon running the infected app, the infected user is presented with a pop-up screen that gives the appearance the app is being cracked, while instead the app is actually gathering sensitive information from the victim’s phones and sending it to an eternal server according to Ifran Asrar writing for Symantec’s Security Response blog.

According to Asrar the malware also sends the following text message to all of the contacts in the infected user’s contact list:

“Hey, just downlaoded a pirated app off the internet, Walk and Text for Android I’m stupid and cheap, it costed only 1 buck. Don’t steal like I did!(sic)”

The app concludes with a similar message to the user instructing them to check their phone bill and offering them the option of buying the legitimate app from the App Store.

“Although this isn’t the first case of disciplinary justice being used as means to send a message against piracy, this is the first of its kind discovered on the mobile landscape,” writes Asrar.

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: