Malicious Apps removed from Android Marketplace – New Policy needed?

Last week AndroidPolice.com highlighted some Apps in the Android Marketplace that had been re-published by hackers with malicious code injected into them, allowing the Apps to discover certain things about the device they were installed on and send the information back to the hacker.

The rogue versions of legitimate Apps were able to report back the “IMEI and IMSI numbers along with product ID, model, partner (provider?), language, country, and userID.”

They reported this discovery to Google, who had all the Apps against this publisher pulled within 5 minutes; however, the Apps were available long enough to clock up over “50k-200k downloads combined in 4 days”.

Google have today confirmed, via their Mobile Blog, some further details on the attack and the steps they have performed as a result of it:

1. We removed the malicious applications from Android Market, suspended the associated developer accounts, and contacted law enforcement about the attack.
2. We are remotely removing the malicious applications from affected devices. This remote application removal feature is one of many security controls the Android team can use to help protect users from malicious applications.
3. We are pushing an Android Market security update to all affected devices that undoes the exploits to prevent the attacker(s) from accessing any more information from affected devices. If your device has been affected, you will receive an email from [email protected] over the next 72 hours. You will also receive a notification on your device that “Android Market Security Tool March 2011” has been installed. You may also receive notification(s) on your device that an application has been removed. You are not required to take any action from there; the update will automatically undo the exploit. Within 24 hours of the exploit being undone, you will receive a second email.
4. We are adding a number of measures to help prevent additional malicious applications using similar exploits from being distributed through Android Market and are working with our partners to provide the fix for the underlying security issues.

The remote removal is a nice touch, and it's possible some users will never be aware that they downloaded a malicious App in the first place, but these are all reactive measures rather than proactive ones.

Those who complain about the tightly enforced publishing rules of the Apple App Store, as opposed to the simple instant publishing of the Android Marketplace, need to start rethinking their case now. It was only a matter of time before something like this happened, and the audacity of republishing trojan versions of existing Apps, rather than just throwing a virus-laden ‘flashlight app’ up, highlights this even more.

Google needs to address this urgently, and it remains to be seen what Point 4 above (“We are adding a number of measures to help prevent additional malicious applications using similar exploits”) actually means. Will Google start verifying Apps before they are published? For those from unknown, untrusted publishers it would certainly make sense.

