Android Marketplace suffers major malware attack

Google yanks 21 infected applications
Author:
Publish date:
19_androidmarket184.jpg

Google removed at least 21 Android applications from the Marketplace that were infected with a form of malware that is capable of stealing private data.

Having been alerted to the rogue applications by androidpolice.com, Android OS curator Google reportedly took less than five minutes to remove the applications from the Market and enacting the system which allows Google to remotely uninstall applications which had already been downloaded.

However the applications were up on the Marketplace for four days, during which time they were downloaded 50 to 250,000 times.

The attack came as a publisher took 21 popular free applications and republished them with trojan horse code included. An investigation by androidpolice hacker Justin Case revealed that the code was capable of rooting a phone, stealing virtually all the private data as well as having the ability to download further malicious code.

Previously most infected Android applications were found on third party download markets, rather than the official Marketplace. 

Symantec warned that Android malware was on the rise and advised Android owners: "To avoid becoming a victim of such malicious Android applications, we recommend that you only use regulated Android marketplaces for downloading and installing Android applications."

However this latest breach raises serious questions about the security of even the official Android Marketplace. 

Related