All the latest UK technology news, reviews and analysis

Android.Exprespam malware affecting thousands of devices

21 Jan 2013
Google Android Malware

Symantec has warned that a new piece of Android spam may have already stolen thousands of pieces of information from infected devices in just two weeks.

The Android.Exprespam spam was discovered by Symantec earlier in January and is believed to have been active for just two weeks.

Despite its brief period of activity Symantec analyst Joji Hamada said there is evidence the malware has already stolen hundreds of thousands of files from infected devices.

"The data obtained, which is only a portion of the complete data, indicates that the fake market called Android Express's Play has drawn well over 3,000 visits in a period of a week from 13 January to 20 January," wrote Hamada.

"Based on several sources, I calculated that the scammers may have stolen between 75,000 and 450,000 pieces of personal information."

The Android.Exprespam is a malicious app available on a number of third-party Android stores. The app is designed to steal information stored on the infected Android tablet or smartphone and send it to a remote location controlled by the criminals.

Hamada warned that the scammers' success would likely spur the authors to escalate their efforts.

"The scam has only been around for about two weeks so I am sure that this is just the beginning for the scammers and the amount of personal data collected will increase exponentially," wrote Hamada.

"As proof of this, we have found yet another domain registered by the creators of Exprespam and they also created another version of their fake market on the new domain. The scammers are constantly modifying their tactics so that the scam provides a good ‘return' for them."

Hamada was quick to note that the figures are currently just estimates and the exact infection remains unknown.

The Trojan app is one of many targeting the Android ecosystem. F-Secure security chief Mikko Hypponen has in the past attributed the increased levels of malware targeting Android to its open nature.

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
Alastair Stevenson

Alastair has worked as a reporter covering security and mobile issues at V3 since March 2012. Before entering the field of journalism Alastair had worked in numerous industries as both a freelance copy writer and artist.

View Alastair's Google+ profile

More on Security
What do you think?
blog comments powered by Disqus

BYOD vs CYOD vs BYOC poll

Which approach is your firm taking to managing employees' mobile devices?

Popular Threads

Powered by Disqus

Samsung Galaxy S5 video review

We break down the key strengths and weaknesses of Samsung's latest Android flagship

Updating your subscription status Loading

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button

Data protection: the key challenges

Deduplication is a foundational technology for efficient backup and recovery


iPad makes its mark in the enterprise

The iPad can become a supercharged unified communications endpoint, allowing users to enhance their productivity

Senior IS Development Manager (Hands-on) (£48,000pa + Benefits)

Leading Innovative Technology Distributer seeking a talented...

Programme Manager (Technical/Delivery)

Programme Manager (Technical/Delivery) A fantastic...

Senior Test Analyst- Manual- Automation- Gain Selenium

Senior Test Analyst Greenfield site, Promotion to Management...

Junior Technical Support Analysts x 3/4 - Swindon - New Roles!!

Junior Technical Support Analysts x 3/4 - Swindon - New...
To send to more than one email address, simply separate each address with a comma.