Google has had to remove from the Android Market 22 so-called RuFraud malware applications which send automated messages to premium rate lines.
The apps are the latest pieces of malicious software to be uploaded to the Android Market and come at a time when security experts are warning that malware developers are increasingly turning their attention to Google’s mobile operating system.
The apps presented users with a single option to continue, which was seen as an acceptance of the premium charge. Lookout has called the apps “RuFraud” for “Russian Fraud” because they are often found on Russian download sites.
Lookout said that there had been numerous instances of premium SMS toll fraud apps in the last few months which affected users in a number of European countries, including the UK, but not North America, as the SMS code is generated by the users SIM card.
The firm notified Google of nine identical apps which posed as wallpaper apps for movies such as Twilight and popular games Angry Birds and Cut the Rope. These were downloaded by just a handful of users and the threat was supposedly minimal.
However 13 more apps, published under the name Logastrod, found their way onto the Market, again masquerading as games. These trojanised copies of free games added code to send SMS messages to premium rate numbers.
Google responded swiftly but was not fast enough to stop over 10,000 users downloading the malicious software.
“We have already stated several times that the requirements for becoming an Android developer that can publish apps to the Android market are far too relaxed. The cost of becoming a developer and being banned by Google is much lower than the money that can be earned by publishing malicious apps,” commented Vanja Svajcer, principal virus researcher at Sophos. “The attacks on Android Market will continue as long as the developer requirements stay too relaxed.”
Over 10 billion apps have been downloaded from the Android market, which boasts a catalogue over 200,000 applications, however the security of the store has been a concern for many, with infected apps often being uploaded.
In March, Google removed over 50 malicious apps, making use of the remote kill feature which removes apps from infected devices, while in June it had to remove another 10 spyware applications.
Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector
Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…
Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…
Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…
Explore the future of work with the Silicon In Focus Podcast. Discover how AI is…
Executive hits out at the DoJ's “staggering proposal” to force Google to sell off its…