According to Christopher Brook of Threat Post:
Up to a million Android users in China could be part of a large mobile botnet according to research unveiled by Kingsoft Security, a Hong Kong-based security company, this week.
The botnet has spread across phones running the Android operating system via Android.Troj.mdk, a Trojan that researchers said exists in upwards of 7,000 applications available in third-party app stores, including the popular Temple Run and Fishing Joy games.
According to reports, the strain of malware was discovered in 2011 but recent analysis has shown the botnet has ramped up infection rates and at this point might have infected one million smartphones.
The botnet opens phones to remote hijacks and unauthorized purchases, according to a report by the BBC today while a separate report on China’s Xinhua News Agency [Translated] which first reported about the botnet earlier this week, claims the malware has caused some phones to randomly open “strange software” that is tricky to remove.
A similar Android botnet, Rootstrap, infected more than 100,000 devices and scammed users into sending fake SMS messages last year. That malware, much like Android.Troj.mdk, was largely confined to China and at the time was described as the largest mobile botnet documented to date. If Android.Troj.mdk has indeed spread to a million phones as Kingsoft suggests, it’s possible the botnet could soon overtake Rootstrap.
Alex This is interesting. China phones have been flooding the market for quite a while now especially with those less expensive android devices. I’m just wondering if this botnet can be traced by any installed antivirus apps installed in the android device and in some connected pc. It is prevalent that malware developers are targeting smartphones because of its sophistication and the ability to connect to the internet. It is inevitable that one day all these smart devices might crash because of malwares. I think, as precaution smartphone user might think of having an extra basic phone for the future. Maybe an extra nokia phone or Just5 phones will do.