Follow this blog:: RSS; Email Alert

Smartphones

Google deletes malware-infected Android apps from users' phones

March 8, 2011, 4:26 PM PST

Takeaway: Google has remotely erased malware-infected applications from users’ phones. Jack Wallen thinks this latest attack is a clear sign that Google needs to shore up the application submission process for the Android platform.

DroidDream was the latest malware attack on the Android platform. The malware pulled the International Mobile Subscriber Identity (IMSI) and International Mobile Equipment Identity (IMEI) numbers from the infected phones. After those numbers were discovered, the app downloaded a rootkit, giving the attacker complete control of the device. Google pushed the Android Market Security Tool March 2011 application to all infected phones.

This is a critical issue because an attacker could gain access to a user’s contact information and cripple your phone, which could be a major issue if you’re in an emergency. Also, if you have malware on your phone, your number could be spoofed or hijacked and cause your bill to be 10 times what it should be.

What is the bigger issue: the malware-infected applications or the “kill switch” Google obviously has in place for the Android platform? From my perspective, it’s the malware-infected applications. As much as I dislike the Apple mobile platform, I think the company is handling the development process the right way. Apple’s application vetting process is so strict because the company cannot afford to allow malware of this nature onto its mobile devices.

I am a big fan of Android; the flexibility it offers is far and above any other mobile platform. But Google needs to act fast before users lose confidence in the Android platform. If Google would take more of a hard line approach to accepting apps in the Android Market, it might frustrate some developers, but the primary focus should be on the applications’ security and the end user’s data and experience.

For now, I recommend that you use discretion when downloading and installing Android applications.

Also read:

Google confirms it pulled malicious Android apps (CNET News)
Expert: Android Market should scan for malware (CNET News)
Google’s Android wears big bullseye for mobile malware (ZDNet)
Google kind of, sort of, addresses Android Malware (ZDNet)
Google flips on death-ray, nukes Android malware … but is it enough? (ZDNet)
What is Android missing? (TechRepublic)

Get IT Tips, news, and reviews delivered directly to your inbox by subscribing to TechRepublic’s free newsletters.

About Jack Wallen

A writer for over 12 years, Jack's primary focus is on the Linux operating system and its effects on the open source and non-open source communities.

HTC Inspire 4G: Read TechRepublic's review of the Android phone

How to manually update a Samsung Captivate to Froyo

Comments

Add Your Opinion

Join the conversation!

Follow via:: RSS; Email Alert

See All Comments

Staff Picks
Top Rated
Most Recent
My Contacts

No messages found

0 Votes

+ -

poor google

ereal_2000@... Updated - 12th May 2011

After reading this and other articles about Google Android and Apple IOS I am gearing more towards Apple.
It would be simple if Google just setup a vetting process for the apps before they go to market. It is so simple. Maybe another year or two Google will get their act together. Sure you can be open but at least provide something to prevent apps with malware. I just won't be able to trust the Android market until Google has a process to weed out these type of apps.

View in thread

0 Votes

+ -

A Comparison (reply to Bolaris)

Stalemate Updated - 10th Mar 2011

The reality that the Windows platforms are subject to the highest number of attacks (malware, spyware, virus, etc.) must be why they're constantly losing market share.

...oh wait. It isn't.

It still holds close to 90% of the workstation OS market share (http://en.wikipedia.org/wiki/Usage_share_of_operating_systems)

Despite the drawback of having to use my own common sense instead of relying on someone else's interpretation of what is "safe and acceptable" for me or not, I'd rather have a smartphone where my choices are more open-minded and allow me, the end user and purchaser, to decide.

A trusted vendor list or some review process (preferably by peers) would certainly help, but it will not stop me nor others in preferring the Android platform to those of the competition.

The iPhone has also had malware issues in the past (especially if jailbroken)*, and I don't see the sales being affected today because of it.

Caveat emptor.

* http://www.internetnews.com/security/article.php/3721016/First-iPhone-Malware-Found.htm
* http://arstechnica.com/apple/news/2009/11/truly-malicious-iphone-malware-now-out-in-the-wild.ars
* http://ca.gizmodo.com/322843/iphone-malware-demo-freaking-me-out-man

View in thread

1 Vote

+ -

Contributr

I gave it a year, that's not "premature"

Justin James 10th Mar 2011

From my comment:

"This is yet another reason why I've abandoned Android. A year ago I was singing its praises as my Motorola Devour astounded me with its functionality. Now, I am so grateful that I'm left the Android ecosystem behind."

I spent a year living with Android, it was miserable. I had two different Android phones, and both were literally as reliable as Windows 3.1. I was seriously considering dumping my smartphone altogether. I am currently using WP7, and I like it a lot. Most of the things I didn't like about Android are not issues on WP7. It has annoyances of its own too (the on-screen keyboard in particular... I liked the way Android handled adding spaces between words but removing them when I followed with punctuation), but so far, they aren't show stoppers like the problems I had with Android.

The malware in the marketplace scenario is a perfect example of the kinds of problems Android has. It's openness is its biggest advantage and its biggest problem.

J.Ja

View in thread

Once logged in, adding contacts is simple. Just mouse over any member's photo or click any member's name then click the "Follow" button. You can easily manage your contacts within your account contacts page.

See all comments