Mobile security company Lookout has spotted new Android malware that can compromise a significant amount of personal data. Likely created by the same developers who made DroidDream back in March, this new threat (called “Droid Dream Light”, or DDLight) was identified in more than 25 applications from 4 developers, infecting 30,000-120,000 users thus far.
Malicious components of DroidDream Light are invoked on an incoming voice call. The broadcast receiver then contacts remote servers and supplies the IMEI, IMSI, model, SDK version and information about installed packages. Moreover, DDLight may also be capable of downloading and prompting installation of new packages, though unlike its predecessors it is not capable of doing so without user intervention.
The list of infected applications includes (all of them have been removed from the Android Market in the meantime):
Magic Photo Studio
- Sexy Girls: Hot Japanese
- Sexy Legs
- Beauty Breasts
- Sex Sound
- Sex Sound: Japanese
- HOT Girls 1-4
Mango Studio
- Floating Image Free
- System Monitor
- Super StopWatch and Timer
- System Info Manager
E.T. Tean
- Call End Vibrate
BeeGoo
- Quick Photo Grid
- Delete Contacts
- Quick Uninstaller
- Contact Master
- Brightness Settings
- Volume Manager
- Super Photo Enhance
- Super Color Flashlight
- Paint Master
Finally, in case you wonder, the Lookout Security Team identified the malware after receiving a tip from a developer who noticed a modified version of his app being distributed in the Android Market.
The company advises users to download apps from trusted sources only, check the permissions an app requests, and be on the alert for unusual behavior of the phone. Additionally, having a mobile security app is also a plus.
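The permission check recommended above can be paired with the trigger described earlier (a broadcast receiver woken by an incoming call that then sends device identifiers to a server). The following is an added example, not code from Lookout or from the malware: it reviews an already decoded AndroidManifest.xml (for instance one produced by apktool, an assumption here) for a receiver registered on the standard `android.intent.action.PHONE_STATE` broadcast together with the `READ_PHONE_STATE` and `INTERNET` permissions. The sample manifest, package name and class names are constructed.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
# Standard Android broadcast sent on call-state changes, e.g. an incoming call
PHONE_STATE_ACTION = "android.intent.action.PHONE_STATE"
# Reading IMEI/IMSI and reaching a remote server need these two permissions
NEEDED = {"android.permission.READ_PHONE_STATE", "android.permission.INTERNET"}

# Constructed sample manifest (hypothetical package and class names)
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.constructed">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.READ_PHONE_STATE"/>
  <application>
    <activity android:name=".Main"/>
    <receiver android:name=".CallWatcher">
      <intent-filter>
        <action android:name="android.intent.action.PHONE_STATE"/>
      </intent-filter>
    </receiver>
    <receiver android:name=".BootDone">
      <intent-filter>
        <action android:name="android.intent.action.BOOT_COMPLETED"/>
      </intent-filter>
    </receiver>
  </application>
</manifest>"""


def review_manifest(xml_text):
    """Report receivers woken by phone-state broadcasts and the permission pair."""
    root = ET.fromstring(xml_text)
    perms = {p.get(ANDROID_NS + "name") for p in root.iter("uses-permission")}
    call_receivers = [
        r.get(ANDROID_NS + "name")
        for r in root.iter("receiver")
        if any(a.get(ANDROID_NS + "name") == PHONE_STATE_ACTION
               for a in r.iter("action"))
    ]
    return {
        "package": root.get("package"),
        "call_receivers": call_receivers,
        "missing_permissions": sorted(NEEDED - perms),
        # Triage signal only: call-triggered code that can read IDs and go online
        "needs_review": bool(call_receivers) and NEEDED <= perms,
    }


if __name__ == "__main__":
    print(review_manifest(SAMPLE_MANIFEST))
```

Many legitimate call-related apps match the same pattern, so a positive result marks an app for closer inspection of what the receiver does, not as infected.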