Android Botnet Claims 1 Million Victims in China

News
By
published

Trojan-based attack hidden in over 7,000 apps, including popular games such as Temple Run.

Security researchers have discovered a vast Android-related mobile botnet in China that has affected over one million victims.

The attack, based on a Trojan, affects Google's Android platform by being hidden in more than 7,000 apps. That includes popular games such as Temple Run and Fishing Joy.

Once the botnet is installed, the attacker can remotely control the victim’s smartphone, consequently allowing them to steal data, download additional apps and integrate adware.

The ‘Andorid.Troj.mdk’ Trojan itself was discovered back in 2011 by security firm Kingsoft Duba. However, with Android dominating the Chinese market during 2012, a lack of awareness over mobile security threats from new mobile owners has allowed the botnet to infect over one million users.

Meanwhile, SpamSoldier, a similar Android malicious mobile application is confined to the U.S. During the third quarter of 2012, Android malware surged by a considerable amount.

  • More: If you're traveling to China, make sure to get the best China VPN
See more Phones News
Zak Islam
Zak Islam
Contributing writer

Zak was a contributing writer at Tom's Guide with a focus on security, networking and general computing. As a fan of any and all news relating to hardware, graphics chips or CPUs, Zak has also written for other tech sites such as Tom's Hardware and Digital Trends.

More about android phones
OnePlus 13 and OnePlus 13R

OnePlus reportedly developing massive smartphone batteries — what we know
samsung galaxy s25 edge mockup at galaxy unpacked

Samsung Galaxy S25 Edge design leak just revealed surprise new material

An image showing Shazam open on an iPhone

This iPhone feature lets you identify songs using the action button — here's how it works
See more latest
27 Comments Comment from the forums
  • A Bad Day
    Yeah, I don't think that attack was sponsored by the government...

    Maybe China would invest a little more into cracking down on the Mob hackers?

    (I call them "Mob" because many professional hackers work together, just like criminal gangs)
    Reply
  • JackFrost860
    I was a big fan of Android and i used a GS2 for almost two years; but the security model of Android of unverified apps being uploaded to the Play Store every day is just tacking the platform to a perfect storm; news reports like these are just the beginning. Android needs to start charging for uploading apps to the Play store like Microsoft and Apple do, and the money spent of reviewing the code before releasing it to the customer base.
    Reply
  • Android has no security holes than the iraqi navy* Fixed
    Reply
  • A Bad Day
    JackFrost860I was a big fan of Android and i used a GS2 for almost two years; but the security model of Android of unverified apps being uploaded to the Play Store every day is just tacking the platform to a perfect storm; news reports like these are just the beginning. Android needs to start charging for uploading apps to the Play store like Microsoft and Apple do, and the money spent of reviewing the code before releasing it to the customer base.
    However, Google still has to walk a fine line between setting the flood gates to "full open" and being a tyrant about selecting which stuff to approve.

    When the first iPhones came out, a company got screwed over by Apple when Apple's review committee took over three years to approve their preemptively heavily marketed app.

    By the time the app was available on the market, the new iPhones already included the app's feature.

    Ouch...
    Reply
  • house70
    Meh. I'm still in charge of my phone. I can keep it tight and secure, or I can open it up to whatever dubious apps I want. It's up to me.
    Reply
  • expressionate
    Will an Antivirus like Avast help to protect my phone?
    Reply
  • A Bad Day
    house70Meh. I'm still in charge of my phone. I can keep it tight and secure, or I can open it up to whatever dubious apps I want. It's up to me.
    You have no idea how many people social engineering can dupe, and how many of those people thought they were being smart.

    expressionateWill an Antivirus like Avast help to protect my phone?
    Well, smartphones are essentially ultra-mobile computers. Better safe than sorry.
    Reply
  • madjimms
    enmass90Android has no security holes than the iraqi navy* Fixed*facepalm*
    Reply
  • sundragon
    A Bad DayHowever, Google still has to walk a fine line between setting the flood gates to "full open" and being a tyrant about selecting which stuff to approve.When the first iPhones came out, a company got screwed over by Apple when Apple's review committee took over three years to approve their preemptively heavily marketed app. By the time the app was available on the market, the new iPhones already included the app's feature.Ouch...
    Care to post a link to that app, just asking to cite your sources...

    Ouch
    Reply
  • A Bad Day
    During my Introduction to Computer Concepts (state mandated high-school class), we were shown a rather dated CBS (I think) documentary on the iPhone, what made it so influential, and how were developers building apps and submitting them to be reviewed. The DVD documentary was published after Apple reached its 1 billion app mark.

    The company submitted an app that had to do with "enhancing communication" (don't fully remember), and proceeded to run advertisements in anticipation of their app being approved quickly.

    However, a group of indie developers got lucky that their app was approved within 3 months.
    Reply