Rogue apps sneak into Android Market

Malicious apps find their way onto Android's official market, but Google appears to have reacted fast.

Android

Over 50 malicious apps found their way onto the Android Market, but have now been removed, according to reports.

Reddit contributor Lompolo was first to notice the issue, when he found 21 Android legitimate apps had been repackaged with an exploit known as "rageagainstthecage" designed to gain root access to users' devices.

A report from Android Police indicated that between 50,000 and 200,000 versions of the malicious apps could have been downloaded before Google pulled the plug.

The apps were able to steal device details such as IMEI numbers and could even download more code and install extra malware designed to take even more data from users.

Various apps released under the developer names "Kingmall2010, "we20090202 and "Myournet" were affected. In a follow-up blog post, Android Police claim that the exploits used no longer work under Android 2.3. If true, this incident highlights one of the disadvantages of the delays Android users often face in getting the latest operating system updates.

Google have removed the apps and banned the rogue developer it believes to be responsible from Android Market, reports indicated. The tech giant has also ensured the apps were remotely removed from the affected handsets.

However, Rik Ferguson, senior security advisor at Trend Micro, said just taking the apps offline may not help those who downloaded the infected apps.

"Of course this remote kill switch will not remove any other code that may have been dropped onto the device as a result of the initial infection," Ferguson said in a blog.

"So if you are one of the estimated 50,000 people who have downloaded these malicious apps it could be worth your while investigating the possibility of getting a replacement handset or reinstalling the operating system on the one you have if possible."

At the time of publication, Google had not responded to a request for comment on the situation.

There have been plenty of concerns over the security of the Android Marketplace, but before this there had not been any major issues.

Instead, most threats had been seen passing through third-party app stores.

As Android becomes more popular, however, the marketplace will become more of a target for cyber criminals.

Philip Dall, mobile security expert with internet security company BullGuard, said users should ensure where the app has come from in the first place.

"First and foremost, you should think twice before you download applications by finding out who uploaded it, check which rights and actions the app wishes to make use of, and consider whether this sounds right or not," Dall said.

"Secondly, you should install security software on your phone."

IT PRO recently warned about the potential security time bomb facing the plethora of app stores now open to consumers and businesses alike.

Featured Resources

The challenge of securing the remote working employee

The IT Pro Guide to Sase and successful digital transformation

Free Download

VMware Cloud workload migration tools

Cloud migration types, phases, and strategies

Free download

Practices for maximising the business value of digital infrastructure Consumption-as- a-Service subscriptions

IDC PeerScape

Free Download

Container network security guide for dummies

Enforcing Kubernetes best practices

Free download

Recommended

Google banned from importing patent-infringing tech following Sonos IP victory
Policy & legislation

Google banned from importing patent-infringing tech following Sonos IP victory

7 Jan 2022
Google, Facebook fined €210 million for making it difficult for users to reject cookies
Policy & legislation

Google, Facebook fined €210 million for making it difficult for users to reject cookies

6 Jan 2022
Google is working with leading PC manufacturers to improve Android on Windows
Google Android

Google is working with leading PC manufacturers to improve Android on Windows

6 Jan 2022
Google Cloud acquires Israeli security startup Siemplify
cloud security

Google Cloud acquires Israeli security startup Siemplify

5 Jan 2022

Most Popular

How to move Microsoft's Windows 11 from a hard drive to an SSD
Microsoft Windows

How to move Microsoft's Windows 11 from a hard drive to an SSD

4 Jan 2022
Microsoft Exchange servers break thanks to 'Y2K22' bug
email delivery

Microsoft Exchange servers break thanks to 'Y2K22' bug

4 Jan 2022
Solving cyber security's diversity problem
Careers & training

Solving cyber security's diversity problem

5 Jan 2022