Malware in Android Market highlights Google’s vulnerability
Google has removed 21 applications from the Android Market after it was discovered that the apps secretly installed malware. The applications themselves included pirated and renamed versions of legitimate Android software that had been modified to include the malware and then offered for free on the Market. Together, the 21 programs received more than 50,000 downloads over the course of about four days.
The malicious applications sent personal details, including the phone’s unique IMEI number, to a US-based server. Worse, they exploited security flaws to root the phone and installed a backdoor application that allows further software to be installed on the handsets. Though Google has now purged the applications from the Market, the rooting and backdoor mean that anyone who has run one of the malicious programs should reset their phone to stock condition to clean it up. The flaw used to root the operating system was fixed in Android 2.2.2 and 2.3, so users of those versions should be able to get away with simply removing the applications. The programs were all (re)published by an entity named Myournet; it too has now been removed from the Market.