Google won't kill 'malicious' Android apps

Powered by SC Magazine
 

Apps dubbed malicious by Symantec did not violate terms of service.

Google will not remove 13 Android applications dubbed malcious by security firm Symantec.

The applications included action, adventure and puzzle games that had data stealing capabilities, according to Symantec.

The security company said the apps included the software development kit (SDK) dubbed Appherhand that installed a search bar on the user's phone and allowed the distributors to change the user's home page and add and remove bookmarks and shortcuts.

Symantec security response director Kevin Haley said questioned the legitimacy of Apperhand.

"I'm not sure why you would need to pull someone's bookmarks," Haley told SCMagazine.com."I'm not aware of the benefit."

The apps contained a trojan dubbed by Symantec as Counterclank and have been downloaded between one and five million times, Haley said.

Apperhand was similar to an SDK  present in other apps that appeared recently in the Android Market.

They carried malicious code dubbed Plankton which provided distributors with remote access to a users' device.

Google temporarily suspended the apps but later found they were not harmful.

"You should be aware what you're getting into when you download these apps, and if you don't want them taking these actions on your phone, then I think you should remove them," Haley said.

Google would not remove the apps stating they did not violate its terms of service, Symantec said.

Lookout Mobile Security said it does not consider the applications malware but "an aggressive form of [an] ad network" which "should be taken seriously".

As the mobile device space continues to mature, security companies and platform providers will be forced to sort out applications worth flagging.

Haley likened this to the early days of the PC industry when spyware programs routinely were considered innocuous.

"Maybe we don't have all the nomenclature set yet in the Android or malware space."

"We're building consensus on what these things ought to be called."

This article originally appeared at scmagazineus.com

Copyright © SC Magazine, US edition


Google won't kill 'malicious' Android apps
Flickr
 
 
 
Top Stories
Westpac committed to core banking plan
[Blog post] Now with leadership.
 
The True Cost of BYOD - 2014 survey
Twelve months on from our first study, is BYOD a better proposition?
 
Photos: Unboxing the Magnus supercomputer
Pawsey's biggest beast slots into place.
 
 
Flickr
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest articles on BIT Latest Articles from BIT
Apple's top MacBook Pro with Retina is now cheaper
Aug 1, 2014
Apple has updated its MacBook Pro range with faster processors and new pricing, including ...
Pass on carbon tax savings, warns ACCC
Jul 24, 2014
The ACCC is warning businesses that supply "regulated goods" to pass on any cost savings ...
Have customers that won't pay debts?
Jul 10, 2014
The ACCC and ASIC have updated their advice when it comes to collecting debts.
Carpet cleaner faces court over online testimonials
Jul 4, 2014
The ACCC has initiated proceedings against A Whistle (1979) Pty Ltd, the franchisor of Electrodry...
You can now get 15GB of free online storage using Microsoft OneDrive
Jun 25, 2014
Cloud storage has reached both the capacity and price where it's a viable alternative to local ...
Latest Comments
Polls
What is delaying adoption of public cloud in your organisation?







   |   View results
Lock-in concerns
  30%
 
Application integration concerns
  3%
 
Security and compliance concerns
  27%
 
Unreliable network infrastructure
  9%
 
Data sovereignty concerns
  22%
 
Lack of stakeholder support
  3%
 
Protecting on-premise IT jobs
  4%
 
Difficulty transitioning CapEx budget into OpEx
  3%
TOTAL VOTES: 1166

Vote