Chinese hackers hijack Google security tool

Insecurity outfit Symantec has warned about suspicious code which is under the bonnet of a repackaged security tool Google released last weekend.

The dodgy code appears in the Chinese version of the security tool which remotely cleans malicious apps off Android phones.

Symantec found the “trojanised” package on an unregulated third-party Chinese marketplace.

The technique of trojanising legitimate software is becoming the attack vector of choice for many hackers.

More than 58 malicious apps were found on the Android Market last week and downloaded onto about 260,000 devices. Google used its remote kill switch to wipe them from Android phones.

The repackaged version of the “Android Market Security Tool” can send SMS messages if instructed by a command-and-control server.

To add insult to injury, the code used in the new threat is based on a project hosted on Google Code and licensed under the Apache License, according to Symantec.

Of course the answer is to only download your Android software from a trusted source. Although the fact that 58 dodgy ones ended up in the official Android Marketplace did not bode well. At least from there, it can be remotely deleted.