A few days ago I reported that users downloading Android classics such as Stripper Touch Girl and Sexy Women Puzzle had been infected with Android.Counterclank.
Symantec suggested that 1 to 5 million users were at risk, but now it reckons Android.Counterclank isn’t particularly malicious after all. Phew.
Writing on its blog, Symantec explains: “Since our initial blog post, we have determined the code in the Tonclank and Counterclank applications comes from the same vendor.
“The vendor is a company who distributes a SDK (software development kit) to third parties to help them monetize their applications, primarily through search.”
Realistically, the worst you can expect is a series of minor(ish) irritations, such as your browser’s homepage being changed, the addition of unwanted bookmarks and shortcuts added to your homescreen.
Symantec continues: “Due to the combined behavior of the applications, negative feedback from users who installed the applications, and the fact that previous applications (Android.Tonclank) using this code were initially suspended from the Google Market, we chose to notify users of Counterclank.
“We have also submitted a ticket to Google for the removal of Counterclank from the Android Market. Google replied quickly informing us the applications met their Terms of Service and they will not be removed.
“We expect in the future there may be many similar situations where we will inform users about an application, but the application will remain in the Google Android Market.
“We are also in discussions with the SDK provider and hope to provide feedback which helps ensure mobile users have the necessary details to make informed choices.”
And that’s the end of Android.Counterclank. Sort of.