On October 27, as Android smartphones rapidly gained popularity, mobile phone malware and malicious ad plugins also began to proliferate. The 360 Mobile Guardian detected that a mobile Trojan disguised as "Android Update" had become the current "King of Viruses" for mobile phones, infecting nearly 500,000 Android devices.
According to Zhang Xu, a mobile security expert at 360 Mobile Guardian, the "Android Update" Trojan disguises itself as a system update, prompting users to install it. It then steals user call logs, contact lists, and phone hardware information while secretly downloading dozens of malicious applications in the background. This process consumes hundreds of megabytes of data traffic and causes direct financial losses for users.
"Since many smartphone users only seek help from security vendors after discovering their bill losses and download security software to detect and remove the Trojan, this has led to the Trojan infecting nearly 500,000 phones," said Zhang Xu.
It is understood that Trojans achieve their purpose of诱导 (inducing) users to install by masquerading as system software or tampering with legitimate apps. Many Trojans, including the "Android Update," primarily focus on two harmful behaviors: stealing phone fees and invading privacy.
Zhang Xu stated that currently, the technical threshold for creating Android Trojans is relatively low, leading to a rapid increase in newly added mobile Trojans. Users should be particularly cautious and download apps through official and reliable channels rather than randomly searching or downloading unfamiliar apps shared by strangers on forums.
For smartphone users, another point of concern should be pre-installed applications on counterfeit phones or those installed via unauthorized custom ROMs. According to a sampling analysis conducted by 360 Mobile Guardian on over 1,500 pre-installed apps, approximately 80% of these pre-installed applications excessively request permissions, meaning they ask the operating system for system-level permissions unrelated to their core functionalities. Such overstepping behavior poses a significant threat to user privacy and security.