Google has had to remove from the Android Market 22 so-called RuFraud malware applications which send automated messages to premium rate lines.
The apps are the latest pieces of malicious software to be uploaded to the Android Market and come at a time when security experts are warning that malware developers are increasingly turning their attention to Google’s mobile operating system.
The apps presented users with a single option to continue, which was seen as an acceptance of the premium charge. Lookout has called the apps “RuFraud” for “Russian Fraud” because they are often found on Russian download sites.
Lookout said that there had been numerous instances of premium SMS toll fraud apps in the last few months which affected users in a number of European countries, including the UK, but not North America, as the SMS code is generated by the users SIM card.
The firm notified Google of nine identical apps which posed as wallpaper apps for movies such as Twilight and popular games Angry Birds and Cut the Rope. These were downloaded by just a handful of users and the threat was supposedly minimal.
However 13 more apps, published under the name Logastrod, found their way onto the Market, again masquerading as games. These trojanised copies of free games added code to send SMS messages to premium rate numbers.
Google responded swiftly but was not fast enough to stop over 10,000 users downloading the malicious software.
“We have already stated several times that the requirements for becoming an Android developer that can publish apps to the Android market are far too relaxed. The cost of becoming a developer and being banned by Google is much lower than the money that can be earned by publishing malicious apps,” commented Vanja Svajcer, principal virus researcher at Sophos. “The attacks on Android Market will continue as long as the developer requirements stay too relaxed.”
Over 10 billion apps have been downloaded from the Android market, which boasts a catalogue over 200,000 applications, however the security of the store has been a concern for many, with infected apps often being uploaded.
In March, Google removed over 50 malicious apps, making use of the remote kill feature which removes apps from infected devices, while in June it had to remove another 10 spyware applications.
Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…
Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…
Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…
Welcome to Silicon In Focus Podcast: Tech in 2025! Join Steven Webb, UK Chief Technology…
European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…
San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…