Last week, Symantec reported on the discovery of a new Android "Trojan" - Android.Counterclank - that has been thriving in the Android Market and has been downloaded several million times this year. With this huge number of downloads, it has even been awarded the dubious honour of being the most widespread mobile malware found so far this year. However, Symantec later clarified that its labeling of "Android.Counterclank" as malware/trojan was not accurate and in subsequent updates, downplay the malicious nature of the embedded package.
The update to its blog post stated:
"The situation we find ourselves in is similar to when Adware, Spyware, and Potentially Unwanted Applications first made appearances on Windows. Many security vendors did not initially detect these applications, but eventually, and with the universal approval of computer users, security companies chose to notify users of these types of applications."
According to Lookout, Android.Counterclank does exhibit some capabilities that most users would find unpleasant such as sending ads as push notifications. However, it does not try to steal users' data, or try to compromise devices in any illegal or fraudulent way. In other words, it's irritating and aggressive but will not result in compromise of personal data or confidential information.
Symantec had notified Google last Thursday on its findings and last we checked, the following 5 apps embedded with "Android.Counterclank" are still available on the Android Market. There used to be 13 of such apps in the market.
From publisher Ogre Games:
Balloon Game
Be Millionaire
Wild Man
From publisher redmicapps:
Pretty women lingerie puzzle
Sexy Girls Puzzle
It certainly looks like Google was in the midst of clearing these apps until someone alerted them to the wrong classification by Symantec.
Symantec reported Google's reply as follows:
"We have also submitted a ticket to Google for the removal of Counterclank from the Android Market. Google replied quickly informing us the applications met their Terms of Service and they will not be removed. We expect in the future there may be many similar situations where we will inform users about an application, but the application will remain in the Google Android Market."
While Symantec has been quick to downplay its initial wrong diagnosis and redirect the emphasis on Google's nonchalant reply to its "warnings", it does raise certain valid comparison with the early state of Windows to Android. Although the premises are different, the end results will not be that far off. Should Google still insist on its hands-off approach to the curation of the Android Market?
