It hasn’t been all that long since the March malware scare for Google Android. In that initial scare we saw Google moving in fairly quickly to evaluate and remotely massacre the malicious programs. But despite Google’s swift and decisive action, the actual root issues were not resolved. Lookout, a security firm, just announced that 25 programs with malicious code were found in the Android Market. Better yet, about 125,000 total downloads happened before the issue was caught.
The malicious code seems to be an alternate version of the malware that hit the market in March (dubbed Droid Dream). However, the code has been streamlined and functions have been slimmed down, leading to the nickname of Droid Dream Light. The code allows for third party access to information on the phone whenever an outbound call is made and can even prompt the download of more malicious code (although the user does have to confirm the installation in these cases).
The malware was built by combining existing, popular applications with the Droid Dream Light elements. Applications re-built and re-distributed in malicious form included:
- Sexy Girls: Hot Japanese
- Beauty Breasts
- System Monitor
- Super StopWatch and Timer
- Delete Contacts
- Brightness Settings
- Volume Manager
- Paint Master
While initial estimates from Lookout pegged the number of downloads at 30,000 to 100,000, it looks as though the figures were under-represented. The actual number of downloads seems to surpass 125,000. However, that still makes this issue less than half as widespread as the similar case in March.