Google Issues Android Security Patch, After Attacks

Google has removed over 50 malicious apps from its Android Market and issued a security patch, after eventually admitting multiple malware attacks that compromised a number of Android-powered handsets last week.

According to the company, its Android team has also suspended the associated developer accounts and “remotely” deleted the infected apps from affected devices.

“This remote application removal feature is one of many security controls the Android team can use to help protect users from malicious applications,” wrote Android security engineer Rich Cannings on the company’s official mobile blog.

Google believes the attackers were able to acquire only “device-specific” information – IMEI/IMSI, unique codes used to identify mobile devices, and the operating system version detail – but admitted other data could have been accessed.

Android Market Security Tool March 2011

The infected apps contain rootkit malware called DroidDream, which can take command of a mobile handset, send personal details to a remote server, download and execute new code.

To prevent further exploit, Google has been installing a security update dubbed ‘Android Market Security Tool March 2011’ to all affected devices.

Users who downloaded a malicious app will receive an email from android-market-support@google.com, followed by a notification that the app has been “automatically” removed.

The infected apps were said to have seen 50,000 to 200,000 downloads in four days. However, the company has announced the DroidDream malware could not affect Android versions 2.2.2 or higher.

Android malware on the rise

Meanwhile, the malware incident has raised even more concerns over security issues facing the Android platform, including the one-time £15 entry fee that Google charges Android app developers.

“The entry barrier could definitely be made a bit higher, as it would make the creation of fake developer accounts more expensive,” said Vanja Svajcer, principal virus researcher at Sophos, explaining that the higher fee would prevent the attack pattern from “becoming a daily event”.

Svajcer also pointed out that the rate at which new Android malware is appearing is on the rise.

“The openness of the platform as well as the availability of alternative application markets makes Android-based devices more difficult to secure,” he added.

Following the malware attacks, the tech giant said it is adding a number of measures to sweep malicious applications from its Android Market, while providing fixes for the underlying security issues.

Pichayada Promchertchoo

Recent Posts

Hate Speech Watchdog CCDH To Quit Musk’s X

Target for Elon Musk's lawsuit, hate speech watchdog CCDH, announces its decision to quit X…

5 hours ago

Meta Fined €798m Over Alleged Facebook Marketplace Violations

Antitrust penalty. European Commission fines Meta a hefty €798m ($843m) for tying Facebook Marketplace to…

6 hours ago

Elon Musk Rebuked By Italian President Over Migration Tweets

Elon Musk continues to provoke the ire of various leaders around the world with his…

8 hours ago

VW, Rivian Launch Joint Venture, As Investment Rises To $5.8 Billion

Volkswagen and Rivian officially launch their joint venture, as German car giant ups investment to…

9 hours ago

AMD Axes 4 Percent Of Staff, Amid AI Chip Focus

Merry Christmas staff. AMD hands marching orders to 1,000 employees in the led up to…

12 hours ago

Tesla Recalls 2,431 Cybertrucks Over Propulsion Issue

Recall number six in 2024 for Tesla Cybertruck, and this time the fault cannot be…

13 hours ago