Google Steps Up Security to Eradicate Malicious Apps

If you read any news at all related to Google, you already know that last week there was a wave of malicious apps pushed to the Android Market. Google took action within minutes to remove the offending software. They found that the infected apps could take device specific information, such as IMEI/IMSI that identify your device and what Android version you are running. There were found to be 21 malicious applications taking advantage of these vulnerabilities.

Steps Google has taken, directly from Google Mobile Blog:

  • We removed the malicious applications from Android Market, suspended the associated developer accounts, and contacted law enforcement about the attack.
  • We are remotely removing the malicious applications from affected devices. This remote application removal feature is one of many security controls the Android team can use to help protect users from malicious applications.
  • We are pushing an Android Market security update to all affected devices that undoes the exploits to prevent the attacker(s) from accessing any more information from affected devices. If your device has been affected, you will receive an email from over the next 72 hours. You will also receive a notification on your device that “Android Market Security Tool March 2011” has been installed. You may also receive notification(s) on your device that an application has been removed. You are not required to take any action from there; the update will automatically undo the exploit. Within 24 hours of the exploit being undone, you will receive a second email.
  • We are adding a number of measures to help prevent additional malicious applications using similar exploits from being distributed through Android Market and are working with our partners to provide the fix for the underlying security issues.
  • Understand that, if you are running Android 2.2.2 you will not be at risk to these specific attacks. So hopefully now that Google is taking additional steps to rid the Android Market and our devices of this problem, our beloved Android units will be more protected — although as always, we recommend a good security app like Lookout Mobile Security. Although there is always risk, at least Google has stepped up, and took action very quickly.

    [via Google Mobile Blog]

    About the Author: Adam Johnson

    Adam was born and raised in Florida. Once a grown man traveled around the country working as a contract 3D mechanical designer. Finally settled in Gainesville, FL doing the same work in a permanent position for a global medical device company. His interest in mobile devices started with his Motorola Q9h which sported Windows Mobile 6.1. Unfortunately he was captured by the enemy and owned an iPhone3G for a short while, but that didn't last long through some dealings with the mobile carrier at the time. Finally he found a happy secure place among the Android community, starting with his HTC EVO 4G and hasn't looked back. All during his time with these various smartphones, he's dug deep into them, hacking away to get the best performance he could, all the while making his devices unique. As new Android devices are always on the horizon, he can't say what his next device will be, but he is Android for life, and his passion for all things Google will stand fast.