There's hacking, then there's hacktivism. There's malware, then there's Android Trojans like the latest "threat" discovered by Symantec. Android.Walkinwat is like the Batman of mobile malware--a rogue vigilante seeking justice through means that also skirt legality, but for a good cause. There’s hacking, then there’s hacktivism. There’s malware, then there’s Android Trojans like the latest “threat” discovered by Symantec. Android.Walkinwat is like the Batman of mobile malware–a rogue vigilante seeking justice through means that also skirt legality, but for a good cause.The purpose of Android.Walkinwat is not to take control of your Android smartphone, compromise your personal data, or steal your bank account information. In fact, if you haven’t done anything wrong, you have nothing to fear from Android.Walkinwat. But, if you have a habit of downloading pirated Android apps rather than paying for the legitimate version, you might run into this Trojan.Android. Walkinwat poses as a pirated version of “Walk and Text”–a legitimate Android app. Users who install this version of “Walk and Text”, though, are in for a surprise. The Trojan will gather some information from the Android smartphone, then notify the user that they have been caught downloading a pirate version of the app.As if that is not enough, Android.Walkinwat adds public humiliation by sending an SMS text message to all of the contacts on the smartphone with the text “Hey, just downlaoded a pirated App off Internet, Walk and Text for Android. Im stupid and cheap, it costed only 1 buck. Don’t steal it like I did!” A Symantec blog post breaks down the hacktivist mobile malware in more detail. It describes how Android.Walkinwat uses a routine called “LicenseCheck”–a function typically used by legitimate Android apps for license management in conjunction with a Licensing Verification Library developed to help prevent piracy.A Symantec spokesperson explained, “Although this isn’t the first case of digital vigilante justice being used as means to send a message against piracy, it is the first of its kind discovered in the mobile threat landscape.” Apps–at least the vast majority of apps–cost virtually nothing. Yes, I agree it sucks to spend even one dollar and find out the app sucks, but it’s only one dollar. Someone, somewhere invested time and effort and some degree of skill and ingenuity to design the app, and that someone deserves to get paid. Related content brandpost Unmasking ransomware threat clusters: Why it matters to defenders Similar patterns of behavior among ransomware treat groups can help security teams better understand and prepare for attacks By Joan Goodchild Sep 21, 2023 3 mins Cybercrime news analysis China’s offensive cyber operations support “soft power” agenda in Africa Researchers track Chinese cyber espionage intrusions targeting African industrial sectors. By Michael Hill Sep 21, 2023 5 mins Advanced Persistent Threats Cyberattacks Critical Infrastructure brandpost Proactive OT security requires visibility + prevention You cannot protect your operation by simply watching and waiting. It is essential to have a defense-in-depth approach. By Austen Byers Sep 21, 2023 4 mins Security news Gitlab fixes bug that exploited internal policies to trigger hostile pipelines It was possible for an attacker to run pipelines as an arbitrary user via scheduled security scan policies. By Shweta Sharma Sep 21, 2023 3 mins Vulnerabilities Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe