Welcome to WebmasterWorld Guest from 54.167.65.217

Forum Moderators: bakedjake

Message Too Old, No Replies

Malicious Apps Found In Android Marketplace

     
2:12 pm on Mar 3, 2011 (gmt 0)

Administrator from GB 

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:May 9, 2000
posts:22315
votes: 239


Malicious Apps Found In Android Marketplace [bbc.co.uk]
More than 50 applications available via the official Android Marketplace have been found to contain a virus.

Analysis suggests that the booby-trapped apps may have been downloaded up to 200,000 times.

The malicious apps were copies of existing applications, such as games, that had been repackaged to include the virus code.

All the apps found to contain the malicious code have now been removed from the Android Marketplace.

2:29 pm on Mar 3, 2011 (gmt 0)

Senior Member

WebmasterWorld Senior Member wheel is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Feb 11, 2003
posts:5063
votes: 11


Makes me wonder if there's not an opportunity for an opensource marketplace.
2:58 pm on Mar 3, 2011 (gmt 0)

Administrator

WebmasterWorld Administrator coopster is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:July 31, 2003
posts:12533
votes: 0


For those concerned, the publisher of the apps containing the root kit was "MYOURNET" as seen on the Android Police snapshot [androidpolice.com].
4:33 pm on Mar 7, 2011 (gmt 0)

Administrator from GB 

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:May 9, 2000
posts:22315
votes: 239


According to Google, they are removing the malicious Apps remotely.

Android Security Information Update [googlemobile.blogspot.com]
We removed the malicious applications from Android Market, suspended the associated developer accounts, and contacted law enforcement about the attack.
We are remotely removing the malicious applications from affected devices. This remote application removal feature is one of many security controls the Android team can use to help protect users from malicious applications.
We are pushing an Android Market security update to all affected devices that undoes the exploits to prevent the attacker(s) from accessing any more information from affected devices. If your device has been affected, you will receive an email from android-market-support@google.com over the next 72 hours. You will also receive a notification on your device that “Android Market Security Tool March 2011” has been installed. You may also receive notification(s) on your device that an application has been removed. You are not required to take any action from there; the update will automatically undo the exploit. Within 24 hours of the exploit being undone, you will receive a second email.
We are adding a number of measures to help prevent additional malicious applications using similar exploits from being distributed through Android Market and are working with our partners to provide the fix for the underlying security issues.