The Inquirer-Home

Google is forced to purge malicious Android Market apps once again

Thousands of users are affected
Wed Jun 01 2011, 13:28

MOBILE SOFTWARE DISTRIBUTOR Google has removed 26 malware infected apps from the Android Market that are believed to have compromised the personal data of thousands of users.

Security firm Lookout said that the apps were likely created by the same developers who were responsible for a previous attack of Android malware called 'Droiddream' back in March. This affected 21 apps that were also suspended from the Android Market.

Given the moniker Droiddream Light, the malware had code associated with previous Droiddream samples and is believed to have affected between 30,000 and 120,000 users.

Magic Photo Studio, Mango Studio, ET Team, BeeGoo, Droidplus and Glumobi were the six developers named as publishing malicious apps with names like Sexy Legs, Volume Manager, Quick SMS Backup and Tetris.

None of the apps actually needed you to launch them on your device for the malicious bits to work, instead relying on an incoming voice call.

Tim Wyatt of Lookout wrote in a blog post, "The broadcast receiver immediately launches the.lightdd.CoreService which contacts remote servers and supplies the IMEI, IMSI, Model, SDK Version and information about installed packages."

"It appears that the DDLight is also capable of downloading and prompting installation of new packages, though unlike its predecessors it is not capable of doing so without user intervention."

Security firm F-Secure analysed one of the malicious apps in question, Hot Girls 1. It discovered that originally the app was initially harmless, but bad guy developer Magic Photo Studio downloaded it, modified it and re-uploaded it to the Android Market.

F-Secure also disclosed details of an Android Trojan that has been spreading for the last few weeks, which tries a few mobile espionage tricks previously seen on Symbian for the first time on Google's mobile operating system, promoting itself as an 'update for a security vulnerability'.

Mikko Hypponen, chief security researcher at F-Secure, said in a previous interview with The INQUIRER, "The risks are now higher than ever in mobile security. Android seems to be where the action is right now. Of the mobile platforms it is the weakest, especially from the application security point of view."

"It does have lots of security built in - in many ways Android security is much better than what you have on your computer. But when you compare the Android security model to Iphone, Windows Phone 7, Symbian and Blackberry, it is the weakest."

"The biggest weakness is the fact you can have unknown applications available for download from the marketplace, and it's happened multiple times that wrongdoers take successful applications and trojanise them." µ


Share this:

blog comments powered by Disqus
Subscribe to INQ newsletters

Sign up for INQbot – a weekly roundup of the best from the INQ

INQ Poll

Happy new year!

What tech are you most looking forward to in 2015