Google in Android Market malware purge

By
Page 2 of 2  |  Single page

Inside the Android malware

Google in Android Market malware purge

Once downloaded, the apps attempted to gain root access to a device using common exploit tools, such as “rageagainstthecage” or “exploid”.

They were often used by hobbyists to jailbreak or access the root account on their Android phones, Mahaffey said.

The apps then attempted to send data from the phone to a remotely controlled server. Specifically, they tried to steal IMEI and IMSI numbers, used to identify mobile phones, model numbers and the user's language, ID and country.

Most alarmingly, the apps attempted to open a backdoor to the devices that could be used to download additional malware, researchers said.

The apps gave attackers “full access” to a device, said Vikram Thakur, Symantec principal security response manager.

Cybercriminals regularly package malware inside seemingly legitimate apps and release them in unofficial, third-party app stores, researchers said. This time the malicious apps made their way on to the official Android Market, which provided a much larger pool of potential victims.  

Veracode chief technology officer Chris Wysopalsaid similar attacks were likely unless Google more stringently policed the apps it allowed.

Google relied on users to flag apps as harmful or inappropriate. If an app violated Google's policies, it was removed from the market and the developer may be blocked.

Other mobile app store providers took a different approach. Microsoft, for example, mandated that apps and games in its Windows Phone Marketplace were tested and certified for quality and performance before being offered to consumers.

Wysopal said Google should adopt a similar model: “I believe the app stores should be vetting the apps with an approval process before allowing them in”.

But Lookout's Mahaffey said Google's process allowed for an “open, innovative app ecosystem” and should not be changed.

Malicious apps disguised as legitimate programs began turning up the Android Market a year ago.

This article originally appeared at scmagazineus.com

Previous Page 1 2 Single page
Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:
androidbackdoorexploitgooglemalwaremarketrootkitsecurity

Sponsored Whitepapers

See everything. Do more.
See everything. Do more.
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Diamond IT Delivers GRC Transformation with Microsoft Purview
Diamond IT Delivers GRC Transformation with Microsoft Purview
Linktech Powers Energy Trader’s Essential Eight Compliance in Just Eight Weeks
Linktech Powers Energy Trader’s Essential Eight Compliance in Just Eight Weeks
Byte Delivers Future-Ready IT: Transforming Endpoint Security and Productivity with a Cloud-First Strategy
Byte Delivers Future-Ready IT: Transforming Endpoint Security and Productivity with a Cloud-First Strategy

Events

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers
Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound
Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies
Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?