SOFTWARE DEVELOPER Google has found its Android Market Security Tool spoofed to include a variant of the Trojan that it was supposed to detect.
Google's Android Market Security Tool was released to combat the 'Droid Dream' Trojan, which would send private information to a remote server. However, a slightly modified version of the application has appeared on a third-party Android market. Sophos detected the backdoor Trojan as Troj/Bgserv-A and says it operates in a manner similar to that of its predecessor.
Sophos advises that Android users should examine the list of permissions the Android Market Security Tool displays before installing it. Unlike Google's official version, the malware version requires additional permission to use "services that cost you money". Sophos also points out that unlike Google's application, which is at version 2.5, the malware version is at 1.5.
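The check Sophos describes can be scripted against the text that `aapt dump badging <apk>` prints for each package. The following is an added example, not code from Sophos or Google: the package name and permission lists are constructed placeholders, and only the version numbers 2.5 and 1.5 come from the article.

```python
import re

# "Services that cost you money" is the label of Android's COST_MONEY permission
# group, which on Android releases of that era held these two permissions.
COST_MONEY = {"android.permission.SEND_SMS", "android.permission.CALL_PHONE"}
PKG_RE = re.compile(r"^package: name='([^']+)'.*?versionName='([^']*)'")
# Accepts both "uses-permission:'X'" (older aapt) and "uses-permission: name='X'".
PERM_RE = re.compile(r"^uses-permission(?:-sdk-\d+)?:\s*(?:name=)?'([^']+)'")

def parse_badging(text):
    """Extract package name, versionName and permissions from badging output."""
    info = {"name": None, "version": None, "permissions": set()}
    for line in (l.strip() for l in text.splitlines()):
        pkg, perm = PKG_RE.match(line), PERM_RE.match(line)
        if pkg:
            info["name"], info["version"] = pkg.groups()
        elif perm:
            info["permissions"].add(perm.group(1))
    return info

def audit(candidate, baseline):
    """Return (kind, detail) findings where candidate deviates from baseline."""
    findings = []
    if candidate["name"] != baseline["name"]:
        findings.append(("package-mismatch", candidate["name"]))
    if candidate["version"] != baseline["version"]:
        findings.append(("version-mismatch", candidate["version"]))
    for perm in sorted(candidate["permissions"] - baseline["permissions"]):
        kind = "cost-money-permission" if perm in COST_MONEY else "extra-permission"
        findings.append((kind, perm))
    return findings

# Constructed sample output; package name and permission sets are placeholders.
OFFICIAL = """package: name='com.example.securitytool' versionCode='5' versionName='2.5'
uses-permission:'android.permission.INTERNET'
uses-permission:'android.permission.READ_PHONE_STATE'
"""
SUSPECT = """package: name='com.example.securitytool' versionCode='3' versionName='1.5'
uses-permission:'android.permission.INTERNET'
uses-permission:'android.permission.READ_PHONE_STATE'
uses-permission: name='android.permission.SEND_SMS'
uses-permission:'android.permission.RECEIVE_SMS'
"""

if __name__ == "__main__":
    for finding in audit(parse_badging(SUSPECT), parse_badging(OFFICIAL)):
        print(finding)
```

A matching package name is no proof of authenticity, so a clean result here only means the permission and version signals named in the article are absent.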
The discovery of a spoofed security tool will increase the pressure on Google to clamp down on Android security. While this application isn't available on the mainstream Android Market, the fact that the underlying operating system can be compromised like this suggests that Google still has a lot of work to do to secure Android.
Sophos' Vanja Svajcer says that, in his view, making it easy to access third-party application stores was a mistake by Google from a security point of view. Limiting the sources of software might not be the answer, though: Linux users have been downloading software from all over the Internet without facing significant security threats, so it's not the multiplicity of sources that's really the issue, but rather a lack of adequate security procedures.
As this malware isn't on a Google-controlled Android Market, the firm lacks the capability to remove the application by force. It can in theory exercise its remote kill switch to help contain the damage, although the long-term priority should be to fix the underlying security model of its Android operating system. µ
Installation of non-market apps is disabled by default. To be affected by this malware, a person would have to manually change this setting, download the app from god-knows-where, then manually install it ignoring the permissions. If you've gone that far out of your way to make a stupid decision, you deserve the consequences.
This article may as well concern the durability of Android devices, pleading with Google to take prompt action because Android phones break when you tie them to the railroad tracks or shoot them with a gun.
If I wanted my OS to babysit me, I would have bought an Apple product. Anyone who installed this app clearly should have.
Users are responsible for the software they choose to install. They should use software only from trusted markets or from reliable authors outside the market. I personally never install any application requiring more permissions than it should.
Note that a trusted market, like Google's, requires the developers to identify themselves using a credit card. In this way, malware authors can be prosecuted. We must query Google to report every case to judges, in order to call for justice and the prevention of future issues.
Anyway, in closed ecosystems (like Apple iOS or WP7) malware not only exists, but in addition all devices are jailed with the false excuse of "security" (that is: unfair market practices against competitors).