Google suspends more ‘suspicious’ Android apps

gallery

Google has suspended a number of apps after a researcher discovered spyware was making its way around the Android Market.

Computer science professor Xuxian Jiang from NC State University discovered malicious code named Plankton in a number of apps posted on the Android Market.

The code appeared in a number of apps related to the hugely popular Angry Birds games and ran as a background service, making it somewhat difficult to discover.

“The malicious apps install additional code into the Android device into which they’re installed,” said Webroot researcher Andrew Brandt, in a blog post.

“These additional functions provide remote access and control of the Android device to, presumably, the distributor of the malicious apps, whose identity remains unknown at this time.”

Jiang found the malicious apps differed from previous infected Android applications, in that Plankton did not use various exploits on devices to obtain root access to the OS.

“Instead, the remote commands simply give an unknown criminal access to what some may consider sensitive data on the phone, including the browser history, bookmarks, and homepage settings in the built-in Android browser,” Brandt explained.

Jiang said there were at least 10 infected apps on the official Android Market from three different developers. Google appears to have dealt with the Plankton issue, however.

"We're aware of and have suspended a number of suspicious applications from Android Market,” a Google spokesperson said.

“We suspend apps and developer accounts that violate our policies."

Google has been busy removing infected apps from the Android Market in recent months. Last month, it had to remove a host of apps infected with the notorious DroidDream malware.

Email to a friend

Print this page