Security firm TrustGo said it had discovered a “new and dangerous virus” in the Google Play store which it said was “designed to look like an update to the Lookout mobile security application”. However, in its official blog, Lookout said that it “poses a very low risk to mobile users”, and that it “is not primarily branded as a Lookout-specific update”.
The malware is called Updates, by developer Good Byte Labs, and is said to “steal SMS/MMS messages and video files, as well as all the files on the user's SD card and transmit them to a remote FTP server operated by the malware maker”. It was noted that it “hides its presence on the infected user’s device by removing itself from the device’s full Application List, leaving only a false and misleading icon in the Downloaded Apps list that uses the familiar logo of Lookout, and the name, Updates”.
Lookout said that: “Although the app does contain a Lookout branded asset, it was not primarily branded as a Lookout-specific update. The only way that a user could confuse the application with Lookout is after installation.”