On March 5th, 2011, Google released an update about the malicious apps that were uploaded to the Android Market. The update discussed Google’s actions to remove the apps from the marketplace and from infected devices.
Who Was Affected
Android versions older than 2.2.2 were vulnerable to the apps. All users who downloaded the infected applications received an email from Google explaining what happened and what Google is doing to rectify the problem. Approximately 260,000 devices downloaded the infected apps. Many of those devices weren't actually infected because they had the most recent Android updates.
Which Apps
Many of the infected apps were actually malicious versions of legitimate ones. The total count was 58, which were removed from the Android Market on March 2nd.
Virus
The Trojan that managed to infiltrate the Android Market has been called DroidDream. Android.Pjapps was another virus that appeared as illegitimate versions of real Android apps in third-party app stores. Since DroidDream was distributed as seemingly legitimate apps in a trusted marketplace, the virus was able to infect more devices.
So far, Google has disclosed that DroidDream was able to record user and product information from an infected device. In addition, more code could be downloaded, which would cause more damage to the device or user.
Legal Action
All developer accounts that were associated with the infected apps have been suspended. Law enforcement officials have been contacted to investigate the developers.
Fixing the Problem
Google has used a remote kill switch to remove the infected apps from Android devices without requiring any action from the user. This allows Google to remove any malicious apps or software as soon as a problem is discovered, preventing harm to the user or their device.
An update called Android Security Tool March 2011 is being pushed out that not only removes the apps but also protects you from similar attacks. Users will receive an email within 24 hours after the problem has been taken care of.
This issue was actually patched completely with Android 2.3. When developers realized a potential security flaw, they created a new version of the software to prevent hackers from exploiting the flaw.
Future Issues
Google is currently working with its partners to prevent any other malicious apps from being added to the Android Market. The Android Team is working hard to prevent future attacks and repair additional security issues.
How to Stay Safe
To stay as safe as possible, always review the permissions list for any app you install. Also, install apps from trusted sources only, such as the Android Market. Attacks through the Android Market are likely to be recognized and solved faster. Always install the latest security updates and software versions, as these patch vulnerabilities in your Android system.
References:
Google Mobile Blog – http://googlemobile.blogspot.com/2011/03/update-on-android-market-security.html
Cnet Reviews – http://reviews.cnet.com/8301-19736_7-20038240-251.html