New Android Trojan punishes pirates

A new Android Trojan is up an about, and can be find on several of the most popular file sharing sites in the US and Asia.

Disguised as a non-existent version of the legitimate Walk and Text application that can be found on Google’s Android Market, Android.Walkinwat – as Symantec researchers have dubbed it – aims to collect user information and shame them for having resorted to downloading what they thought was a cracked version of the app.

Once the app is run, it fakes the process of being cracked and while it does it, it silently collects the user’s name, phone number, IMEI information and more and tries to send it to an external server. It also sends the following text message to everyone in the contact list:

“Interestingly enough, the Trojan performs the above set of actions in a routine of Android.Walkinwat called ‘LicenseCheck’, something traditionally used by legitimate apps for license management in conjunction with a Licensing Verification Library available for the Android platform to help prevent piracy,” explain the researchers. “The authors of the malicious code have taken an extra step to make sure that their app was obfuscated, which is another recommended measure to prevent piracy.”

Having done all that, the Trojan shoots a parting blow and presents a message saying: “We really hope you learned something from this. Check your phone bill 😉 Oh and dont forget to buy the App from the Market”.

Personally, I would be really interested in knowing who created this Trojan. I seriously doubt it was the developer of the legitimate Walk and Text app – this would definitely ruin his reputation.




Share this