Home 30,000 to 120,000 Android Users Affected by New Variant of Droid Dream Malware

30,000 to 120,000 Android Users Affected by New Variant of Droid Dream Malware

Between 30,000 and 120,000 users of Android devices are believed to have been affected by new mobile malware which has its roots in an earlier scourge known as Droid Dream. This variant, called Droid Dream Light, appears to have been created by the same developers whose malware had infected over 50 applications back in March. According to Lookout Security, the new malware was found in over 25 mobile applications, all of which Google has since removed from the Android Market.

Droid Dream “Light”

Droid Dream Light is a stripped down version of the original DroidDream, says Lookout. Its malicious components are invoked upon the receipt of a “android.intent.action.PHONE_STATE intent” – for example, an incoming phone call. That means that this variant is not dependent on the manual launch of the malicious application in order to trigger it into action. Instead, explains Lookout via blog post:

The broadcast receiver immediately launches the <package>.lightdd.CoreService which contacts remote servers and supplies the IMEI, IMSI, Model, SDK Version and information about installed packages.  It appears that the DDLight is also capable of downloading and prompting installation of new packages, though unlike its predecessors it is not capable of doing so without user intervention.

In other words, despite the malware’s designation of “Light,” in some ways it’s actually more malicious as it requires no user actions to take place in order for it to launch.

Lookout says it identified the malware thanks to a tip from a developer who notified them that modified versions of his app and another developer’s app were being distributed in the Android Market.  The Lookout team then confirmed that there was malicious code in these apps and identified those as containing much of the same code as earlier DroidDream samples.  Four different developer accounts were used to distribute the malware. The following apps were infected:

Magic Photo Studio

  • Sexy Girls: Hot Japanese
  • Sexy Legs
  • HOT Girls 4
  • Beauty Breasts
  • Sex Sound
  • Sex Sound: Japanese
  • HOT Girls 1
  • HOT Girls 3
  • HOT Girls 2

Mango Studio

  • Floating Image Free
  • System Monitor
  • Super StopWatch and Timer
  • System Info Manager

E.T. Tean

  • Call End Vibrate


  • Quick Photo Grid
  • Delete Contacts
  • Quick Uninstaller
  • Contact Master
  • Brightness Settings
  • Volume Manager
  • Super Photo Enhance
  • Super Color Flashlight
  • Paint Master

Lookout reminds users that to stay safe, they should install from trusted sources, check the developer name and reviews, check for the permissions the app is requesting, be aware of any unusual behavior on their phone and, of course, use a mobile security app like the one from Lookout.

Unfortunately, that last requirement is becoming all too much of a necessity on Android devices these days, especially since much of the malware mimics the naming formats, descriptions and even the code of other popular titles. Not only is this bad for the end user, it’s bad for developers, whose apps’ names are ripped off and used to distribute malware.

About ReadWrite’s Editorial Process

The ReadWrite Editorial policy involves closely monitoring the tech industry for major developments, new product launches, AI breakthroughs, video game releases and other newsworthy events. Editors assign relevant stories to staff writers or freelance contributors with expertise in each particular topic area. Before publication, articles go through a rigorous round of editing for accuracy, clarity, and to ensure adherence to ReadWrite's style guidelines.

Get the biggest tech headlines of the day delivered to your inbox

    By signing up, you agree to our Terms and Privacy Policy. Unsubscribe anytime.

    Tech News

    Explore the latest in tech with our Tech News. We cut through the noise for concise, relevant updates, keeping you informed about the rapidly evolving tech landscape with curated content that separates signal from noise.

    In-Depth Tech Stories

    Explore tech impact in In-Depth Stories. Narrative data journalism offers comprehensive analyses, revealing stories behind data. Understand industry trends for a deeper perspective on tech's intricate relationships with society.

    Expert Reviews

    Empower decisions with Expert Reviews, merging industry expertise and insightful analysis. Delve into tech intricacies, get the best deals, and stay ahead with our trustworthy guide to navigating the ever-changing tech market.