New Android malware? Or just an ad network?

Symantec CounterClank diagram

Security firm Symantec raised eyebrows last week with a security notice about software it has dubbed Android.Counterclank, malware that the company claims can be found in over a dozen apps in the official Android market that have been installed as many as 5 million times. According to Symantec, CounterClank is a “bot-like” threat that, once installed on an Android device, can steal information and pass it along to a malicious host, and the software can respond to remote commands to carry out certain actions on the Android device. Devices with the software running might see a service running under the name “apperhand,” along with a new Search icon on the home screen.

A selection of the thirteen applications identified by Symantec have been pulled from the Android Market, but it’s not clear whether the apps were removed because of the presence of the possible malware or for unrelated reasons.

However, another mobile security firm, Lookout, says “Apperhand” isn’t malware at all: instead, they believe it’s an “aggressive form of ad network” that doesn’t have any malicious behaviors…but definitely pushes the limits of what users might expect an ad-enabled app to do.

“Malware is defined as software that is designed to engage in malicious behavior on a device. Malware can also be used to steal personal information from a mobile device that could result in identity theft or financial fraud,” Lookout wrote on its site. “Apperhand doesn’t appear to be malicious, and at this point in our investigation, this is an aggressive form of an ad network—not malware.”

According to Lookout, Apperhand pushes the envelope for ad network SDKs by including the capability to place a search icon on the mobile desktop, placing advertising in the Android device’s notification bar, and push bookmarks to the device’s mobile browser. Lookout admits they aren’t fond of these practices, but they don’t believe they meet the threshold for malware: the search engine, bookmarks, and notifications do no appear to be malicious. Lookout also notes that while Apperhand does forward along uniquely identifiable information, the same is true for nearly all ad networks, and Apperhand is obfuscating the data before it’s transmitted.

Both companies say they are continuing to investigate the software.

[Update 31-Jan-2012: Symantec has issued a follow-up detailing some of the Apperhand functions, and says they’ve confirmed the Apperhand code comes from a developer that publishes an SDK for monetizing Android applications. Like Lookout, Symantec questions Apperhand’s functions—including setting up home screen icons and pushing bookmarks without disclosure—but now stops short of calling it malware.]

Product Review

Nokia’s 3.1 Plus is an affordable phone that’s crippled by its camera

The Nokia 3.1 Plus is HMD Global’s first smartphone to be sold by a U.S. carrier in-store. It’s only available on Cricket Wireless right now, which underlines its focus on affordability. Should you buy a phone this affordable?

Can Amazon deliver? Firm announces plan to slash shipment carbon footprint

Amazon has announced an ambitious plan to halve its shipment carbon footprint by 2030. The company says improvements in electric vehicles, aviation bio fuels, reusable packaging, and renewable energy make the goal reachable.

These 30 useful apps are absolutely essential for Mac lovers

There are literally hundreds of thousands of great software programs compatible with MacOS, but which should you download? Look no further than our list of the best Mac apps you can find.

Google insists it’s doing what it can to purge Play Store of malicious apps

Google's efforts to provide a secure and safe Play Store for Android users resulted in the company rejecting 55 percent more app submissions in 2018 compared to a year earlier. But the challenge is ongoing.

These are the 6 best free antivirus apps to help protect your MacBook

Malware protection is more important than ever, even if you eschew Windows in favor of Apple's desktop platform. Thankfully, protecting your machine is as easy as choosing from the best free antivirus apps for Mac suites.

Love Playmoji pack adds animated Valentine’s stickers to your Pixel photos

Valentine's Day is here, and to celebrate, Google has added the "Love Playmoji" pack to the Playground feature on its Google Pixel camera. The new feature will add cute AR-driven extras to your Pixel photos.

OnePlus 6T vs. Honor View 20: We compare the cameras in these ‘flagship killers’

For less than $600, you can buy either the OnePlus 6T or the Honor View 20, two extremely capable smartphones with plenty of exciting features. But which one has the best camera? We found out on a recent trip to France.

Galaxy Watch Active isn't official yet, but you can see it in Samsung's own app

Samsung may be about to resurrect its Sport line of smartwatches under a new name: The Galaxy Watch Sport Active. Leaks and rumors are building our picture of the device at the moment.

Stop buying old tablets, says Samsung, buy the new Galaxy Tab S5e instead

Samsung has launched the Galaxy Tab S5e -- the E is for Essential -- a reasonably priced tablet that includes many of the features we like from the Tab A 10.5, and the Tab S4. Here's what you need to know.

Bag yourself a bargain with the best budget tablets under $200

The battle for your budget tablet affections is really ramping up. Which tablet, costing less than $200, should be commanding your attention? We take a look at some different options for the budget-conscious.

Focals succeed where Google Glass fumbled (but do we really need smartglasses?)

It’s been seven years since Google took the wraps off Google Glass. Now, we’re finally getting a modern-day equivalent we want to wear. North’s Focals combine subtle style with an intuitive interface to craft smartglasses you’ll…
Home Theater

Hi-res streaming audio service Qobuz arrives in U.S., threatens Tidal’s monopoly

For several years, Tidal enjoyed a monopoly on hi-res music streaming in the U.S. Now, French company Qobuz is here to offer some competition with a variety of monthly plans starting at $10 a month.

The best Samsung Galaxy S9 Plus cases to keep your titanic phone safe

The new Samsung Galaxy S9 Plus is a gorgeous device, with one of the best dual-lens cameras we've ever seen. Keep your titanic device safe and scratch-free with the best Samsung Galaxy S9 Plus cases.

How to perform a reverse image search in Android or iOS

You can quickly use Google to search, and reverse search, images on a PC or laptop, but did you know it's almost as easy to do in Android and iOS? We explain how to do it here, whether you want to use Chrome or a third-party app.