Android Botnet Claims 1 Million Victims in China

News
By published

Trojan-based attack hidden in over 7,000 apps, including popular games such as Temple Run.

Security researchers have discovered a vast Android-related mobile botnet in China that has affected over one million victims.

The attack, based on a Trojan, affects Google's Android platform by being hidden in more than 7,000 apps. That includes popular games such as Temple Run and Fishing Joy.

Once the botnet is installed, the attacker can remotely control the victim’s smartphone, consequently allowing them to steal data, download additional apps and integrate adware.

The ‘Andorid.Troj.mdk’ Trojan itself was discovered back in 2011 by security firm Kingsoft Duba. However, with Android dominating the Chinese market during 2012, a lack of awareness over mobile security threats from new mobile owners has allowed the botnet to infect over one million users.

Meanwhile, SpamSoldier, a similar Android malicious mobile application is confined to the U.S. During the third quarter of 2012, Android malware surged by a considerable amount.

  • More: If you're traveling to China, make sure to get the best China VPN
See more Phones News
Zak Islam
Zak Islam
Contributing writer

Zak was a contributing writer at Tom's Guide with a focus on security, networking and general computing. As a fan of any and all news relating to hardware, graphics chips or CPUs, Zak has also written for other tech sites such as Tom's Hardware and Digital Trends.

Latest in Android Phones
Galaxy S25 Plus held in the hand.
Samsung could delay One UI 7’s release in the US — here’s what we know
Android 16 screen-off fingerprint unlock in Settings menu
Android 16's latest beta lets all Pixel users unlock their phone more easily — here’s how
Galaxy S25 Ultra Now brief
Samsung’s Personal Data Engine is a big addition to the Galaxy S25 — here’s why
Samsung Galaxy S25 Edge next to Galaxy S25 Plus
Samsung Galaxy S25 Edge vs. Galaxy S25 Plus: Everything we know so far
Samsung Galaxy S25 Ultra vs S25 Plus vs S25
Satellite messaging on Google Pixel 9 and Samsung Galaxy S25 just landed on 3 more carriers
back of Iris Pixel 9a
The Google Pixel 9a is lacking one of the Pixel 9’s best safety features — here’s what we know
Latest in News
NYTimes Connections
NYT Connections today hints and answers — Tuesday, March 25 (#653)
A first look at Amazon's Fallout TV series coming to Prime Video
‘Fallout’ season 3 plans are reportedly being made — while season 2 is still filming
Surface Laptop 7 from the front
Amazon just gave Surface Laptop 7 a 'frequently returned' label — here's what's going on
New emojis with iOS 18.4 beta release.
iOS 18.4 beta brings 8 new emoji to your iPhone — here's all the new options
23andME box
23andMe has declared bankruptcy — here's how to delete your data now
half-life alyx
Latest Half-Life 3 rumors point to a 2025 release — and maybe pigs will fly
More about android phones
Galaxy S25 Plus held in the hand.

Samsung could delay One UI 7’s release in the US — here’s what we know

Android 16 screen-off fingerprint unlock in Settings menu

Android 16's latest beta lets all Pixel users unlock their phone more easily — here’s how
Dyson Airstrait lifestyle images

Dyson Airstrait review: wet-to-dry straightener delivers frizz-free shine in minutes, at a price
See more latest
27 Comments Comment from the forums
  • A Bad Day
    Yeah, I don't think that attack was sponsored by the government...

    Maybe China would invest a little more into cracking down on the Mob hackers?

    (I call them "Mob" because many professional hackers work together, just like criminal gangs)
    Reply
  • JackFrost860
    I was a big fan of Android and i used a GS2 for almost two years; but the security model of Android of unverified apps being uploaded to the Play Store every day is just tacking the platform to a perfect storm; news reports like these are just the beginning. Android needs to start charging for uploading apps to the Play store like Microsoft and Apple do, and the money spent of reviewing the code before releasing it to the customer base.
    Reply
  • Android has no security holes than the iraqi navy* Fixed
    Reply
  • A Bad Day
    JackFrost860I was a big fan of Android and i used a GS2 for almost two years; but the security model of Android of unverified apps being uploaded to the Play Store every day is just tacking the platform to a perfect storm; news reports like these are just the beginning. Android needs to start charging for uploading apps to the Play store like Microsoft and Apple do, and the money spent of reviewing the code before releasing it to the customer base.
    However, Google still has to walk a fine line between setting the flood gates to "full open" and being a tyrant about selecting which stuff to approve.

    When the first iPhones came out, a company got screwed over by Apple when Apple's review committee took over three years to approve their preemptively heavily marketed app.

    By the time the app was available on the market, the new iPhones already included the app's feature.

    Ouch...
    Reply
  • house70
    Meh. I'm still in charge of my phone. I can keep it tight and secure, or I can open it up to whatever dubious apps I want. It's up to me.
    Reply
  • expressionate
    Will an Antivirus like Avast help to protect my phone?
    Reply
  • A Bad Day
    house70Meh. I'm still in charge of my phone. I can keep it tight and secure, or I can open it up to whatever dubious apps I want. It's up to me.
    You have no idea how many people social engineering can dupe, and how many of those people thought they were being smart.

    expressionateWill an Antivirus like Avast help to protect my phone?
    Well, smartphones are essentially ultra-mobile computers. Better safe than sorry.
    Reply
  • madjimms
    enmass90Android has no security holes than the iraqi navy* Fixed*facepalm*
    Reply
  • sundragon
    A Bad DayHowever, Google still has to walk a fine line between setting the flood gates to "full open" and being a tyrant about selecting which stuff to approve.When the first iPhones came out, a company got screwed over by Apple when Apple's review committee took over three years to approve their preemptively heavily marketed app. By the time the app was available on the market, the new iPhones already included the app's feature.Ouch...
    Care to post a link to that app, just asking to cite your sources...

    Ouch
    Reply
  • A Bad Day
    During my Introduction to Computer Concepts (state mandated high-school class), we were shown a rather dated CBS (I think) documentary on the iPhone, what made it so influential, and how were developers building apps and submitting them to be reviewed. The DVD documentary was published after Apple reached its 1 billion app mark.

    The company submitted an app that had to do with "enhancing communication" (don't fully remember), and proceeded to run advertisements in anticipation of their app being approved quickly.

    However, a group of indie developers got lucky that their app was approved within 3 months.
    Reply
Most Popular
NYTimes Connections
NYT Connections today hints and answers — Tuesday, March 25 (#653)
NYT Strands on a cellphone
NYT Strands today — hints, spangram and answers for game #387 (Tuesday, March 25 2025)
Two members of our review team photographed during a pressure relief test on the Saatva Classic mattress, with one typing notes into a laptop and the other measuring the amount of sinkage caused by a 56lb cast iron weight being dropped into the middle of the Saatva Classic mattress
People with this bed type are most satisfied with their mattress — and it’s not what we expected
A first look at Amazon's Fallout TV series coming to Prime Video
‘Fallout’ season 3 plans are reportedly being made — while season 2 is still filming
New emojis with iOS 18.4 beta release.
iOS 18.4 beta brings 8 new emoji to your iPhone — here's all the new options
Surface Laptop 7 from the front
Amazon just gave Surface Laptop 7 a 'frequently returned' label — here's what's going on
23andME box
23andMe has declared bankruptcy — here's how to delete your data now
half-life alyx
Latest Half-Life 3 rumors point to a 2025 release — and maybe pigs will fly
NFL Sunday Ticket logo for YouTube
NFL Sunday Ticket 2025 pricing revealed — and it's bad news
Russian flag with padlock smashing through glass
47 VPNs could be axed from Google Play Store following Russian demands