Google Again Pulls Malicious Apps from the Official Android Market

A number of times I posted links to Android malware news, like this one.

An important lesson in these messages was: don’t download apps from untrusted sources because you risk downloading an app that contains malware.

Every now and then though, the official Android Market gets infected with malware apps. And it happened again recently, where Google had to pull 22 malicious apps from the Market. The post linked below talks about an estimate of 14,000 infected users.

In total, Google took down over a hundred malicious apps already. Since Android phones are very popular with over 500,000 activations a day, I am afraid these malware practices will get worse. I hope I won’t be right and Google invents a mechanism to find and block these apps as soon as they appear.

In the meantime, people should not only be careful when downloading apps from external sources. The Android Market can contain a nasty bug every now and then too.

Link : CIO.com – Google Pulls 22 More Malicious Android Apps From Market

Researcher Demonstrates Proof-of-Concept Botnet of Android Phones

Just what the world was waiting for… *sigh*

[Georgia Weidman’s] Android proof-of-concept botnet installs itself in a fashion similar to the DroidDream malware, a trojan that could record phone conversations. The proof-of-concept botnet payload could be spread in several ways—either as part of a malicious application on an app store, or through a Web link sent to the smartphone or clicked in the mobile browser. “It ‘roots’ the phone,” she said, “and it works as a proxy between the cellular modem and the application layer.”

iOS users aren’t safe either. Weidman said that a similar botnet could also be created on iOS devices, but the malware needs to be distributed via a “jailbreak” package.

Link : ars technica – Researcher demos threat of “transparent” smartphone botnets