An alternative market version of Android Market Security Tool is loaded with malware for data theft, experts from the antivirus company Symantec have warned.
Android Market Security Tool app was released by Google in the first week of March to repair the damage caused by hacker attacks on Android Market.
“This application was automatically pushed to devices of users who had downloaded and installed infected applications,”Symantec said in a blog.
The infected app software can send the smartphone user’s personal information to a remote server, and can also block incoming calls and messages from certain mobile numbers, the anti-virus company added.
Trojanised applications also contain code to change an infected device’s APN settings.
The malicious service starts the Trojanised tool running in the background as “BgService”.
Users should only access regulated Android marketplaces for downloading and installing Android applications to avoid the malware, suggested Symantec.
“Also, in the Android OS application settings there is an option to stop the installation of non-market applications, which can help to prevent against this type of attack. Checking user comments on the marketplace can also assist in determining if the application is safe,” suggests Symantec.
Users should also check access permissions being requested during the installation of any Android applications. If they seem excessive for what the application is designed to do, it would be wise to stop installing the application, it added.