Last week, it was revealed that 21 titles within the Android market were malware designed to install additional malware and potentially steal personal information from a user’s handset. The applications were free knockoff versions of popular games and had been downloaded over 50,000 times. These rogue applications targeted an exploit that was present in handsets running earlier versions of Android. The current version of Android (Android 2.2.2 and higher) is not affected by this exploit.
To combat this problem, Google is taking the following steps which includes remotely removing the affected software from a user’s handsets.
- We removed the malicious applications from Android Market, suspended the associated developer accounts, and contacted law enforcement about the attack.
- We are remotely removing the malicious applications from affected devices. This remote application removal feature is one of many security controls the Android team can use to help protect users from malicious applications.
- We are pushing an Android Market security update to all affected devices that undoes the exploits to prevent the attacker(s) from accessing any more information from affected devices. If your device has been affected, you will receive an email from firstname.lastname@example.org over the next 72 hours. You will also receive a notification on your device that “Android Market Security Tool March 2011” has been installed. You may also receive notification(s) on your device that an application has been removed. You are not required to take any action from there; the update will automatically undo the exploit. Within 24 hours of the exploit being undone, you will receive a second email.
- We are adding a number of measures to help prevent additional malicious applications using similar exploits from being distributed through Android Market and are working with our partners to provide the fix for the underlying security issues.
While some folks may not appreciate Google reaching into their handsets and removing software, Google is right in doing so in this instance. Savvy users will not be affected by this remote removal as they know how to remove applications and restore their handset to the factory software which wipes their device clean. Novice users will most likely appreciate the assistance and the steps Google is taking to remove this threat and prevent this from happening again.
Fans of the Android platform should also applaud these steps as malware in the Android market is a black eye for Google and its mobile OS. A prompt and decisive response to malware is needed to keep consumer’s confidence in the platform and prevent them from turning towards the walled garden of Apple for protection. Hardcore users wont abandon Android but the average consumer may and it is over these customers that Apple and Google are battling.
[Via Google Mobile Blog]