The Mother Of All Android Malware Has Arrived: Stolen Appsm, That Root Your Phone, Steal Your Data,

[R5GTT]

Just noticed this on engadget:

We're sure that the debate of a carefully controlled and curated environment like Apple's App Store versus a free-for-all like the Android Market will rage on for years to come, but here's something to chew on: Google just removed some 21 apps from the Market in the last day from a publisher going by Myournet for doing all sorts of naughty things to your device. Offenses include attempting to root your phone, uploading phone information (including IMEI) to who-knows-where, and -- most egregiously -- adding a backdoor that allows additional code to be pulled down and executed.

More info at the source here : Android Police

 

[Jumblejug]

Quick reaction from Google to bring the apps and publisher down. That's some scarey stuff though.

Downloading 'Hilton Sex Sound' is asking for trouble though

 

[Participant]

Thank god I didn't download 躲避弹球.

 

[Cosimo]

I bet "Screaming Sexy Japanese Girls" got a few people.

 

[R5GTT]

this is the ultimate Android Trojan to date, it’s already been downloaded over 50,000 times.

I bet that was just hilton sex sound.

Seriously though some of the stuff there like guitar solo would seem legit and I have actually downloaded the real one some time ago.

 

[sarge78]

^Guitar solo lite got 50-100k downloads... (几何战机_PewPew sounds awesome! )

It is rather worrying though, imagine how many numpties phones you could control.
What's the worse case scenario? A phone botnet to bring down mobile network communications?
(Also, something like Go Launcher could easily be Chinese government spyware )

 

[Wossi]

What is scary is that Google managed to uninstall the dodgy apps from peoples phones

 

[mrochester]

It's uncanny how quickly Android is becoming the Windows of the smartphone world. Before long people will have to run anti-virus and firewall software on their smartphones. I bet Norton and McAfee are rubbing their hands together with glee!

 

[DefiantAsh]

It's uncanny how quickly Android is becoming the Windows of the smartphone world. Before long people will have to run anti-virus and firewall software on their smartphones. I bet Norton and McAfee are rubbing their hands together with glee!

With glee? im sure this thread is related to a mobile device operating system and not a television program

my mate downloaded a lighter app, seemed pretty cool, then his phone blacked out, and my mate rang his phone and it was a continuous ringtone for around 30 minutes :/

Surely if an app is uploaded it should be checked? seems unreasonable that defective applications can b submitted and enter the world of android, steal peoples information. What if they use their phone for checking bank details/paypal, worrying to say the least

 

[R5GTT]

It's uncanny how quickly Android is becoming the Windows of the smartphone world. Before long people will have to run anti-virus and firewall software on their smartphones. I bet Norton and McAfee are rubbing their hands together with glee!

I already run AVG anti virus software on my desire

Probably not a lot of use for most viruses but it makes me feel a bit better

 

[Mr Paul]

I run Lookout

 

[EniGmA1981]

+1 for AVG, just because it's a name I recognise LOL

If I could download MSE for my phone, I would! hehehe

Give it a few months, you'll find MalwareBytes on the market too

 

[.SJ]

...

 

[Wossi]

Where does it say that? (Genuine question)

Justin pinged a contact at Google to bring the issue to their attention. In the time I’ve proofed this post, they’ve already checked the apps and are planning on pulling them from the Market [Update: holy cheeseballs, they've been pulled already! Took less than 5 minutes from first contact to pull!], as well as remotely removing them from user’s devices. Unfortunately, that doesn’t remove any code that’s already been backdoored in.

 

[Fegruson]

This is where Android is the shortfall I'm afraid, not checking their apps enough. They need to be stringent on these security flaws, and getting OEMs and carriers to push them out, and not wait on their silly little carrier branding/UI overlays!

Those that say they have mobile security apps, they are probably useless. If an app can give itself root access and install some rootkit, what use is mobile security when it has no where near the permissions the malware has?

And I suspect that people are going to be blaming the user for downloading and not being careful when installing apps, and it isn't Google's problem is people are careless. More user data is stored on phones that people personal computer's these days IMO. Google needs to take the reigns and slap some life into OEMs/Carriers. What the hell is OHA for if they're not going to work together in these situations?!

 

[Cosimo]

Update from Google on the malware:

An Update on Android Market Security
Saturday, March 5, 2011 | 10:08 PM

On Tuesday evening, the Android team was made aware of a number of malicious applications published to Android Market. Within minutes of becoming aware, we identified and removed the malicious applications. The applications took advantage of known vulnerabilities which don’t affect Android versions 2.2.2 or higher. For affected devices, we believe that the only information the attacker(s) were able to gather was device-specific (IMEI/IMSI, unique codes which are used to identify mobile devices, and the version of Android running on your device). But given the nature of the exploits, the attacker(s) could access other data, which is why we’ve taken a number of steps to protect those who downloaded a malicious application:

1.We removed the malicious applications from Android Market, suspended the associated developer accounts, and contacted law enforcement about the attack.

2.We are remotely removing the malicious applications from affected devices. This remote application removal feature is one of many security controls the Android team can use to help protect users from malicious applications.

3.We are pushing an Android Market security update to all affected devices that undoes the exploits to prevent the attacker(s) from accessing any more information from affected devices. If your device has been affected, you will receive an email from [email protected] over the next 72 hours. You will also receive a notification on your device that “Android Market Security Tool March 2011” has been installed. You may also receive notification(s) on your device that an application has been removed. You are not required to take any action from there; the update will automatically undo the exploit. Within 24 hours of the exploit being undone, you will receive a second email.
4.We are adding a number of measures to help prevent additional malicious applications using similar exploits from being distributed through Android Market and are working with our partners to provide the fix for the underlying security issues.

For more details, please visit the Android Market Help Center. We always encourage you to check the list of permissions when installing an application from Android Market. Security is a priority for the Android team, and we’re committed to building new safeguards to help prevent these kinds of attacks from happening in the future.

Source

 

[teaboy5]

Hmm I have gitar solo lite, but it's from coding caveman?

Phew looks like the one from coding caveman is fine!

 

[hux]

Not affected, but hopefully having superuser installed means if if tries for root access then it'll be blocked, or at least ask me first.

 

[cymatty]

What is scary is that Google managed to uninstall the dodgy apps from peoples phones

That is pretty impressive tbh.

 

[russ0r]

Scary. I bet all the iPhone fanboys are laughing their arses off

I think Google need to start moderating the market. Once upon a time I would've said use common sense, but there's quite a lot of apps there that look 100% legit and one I even had installed a while back.
You can never be sure these days