iTnews
  • Home
  • News
  • Technology
  • Security

Developer claims Google slow on malware outbreak

By Stewart Mitchell on Mar 4, 2011 11:18AM
Developer claims Google slow on malware outbreak

Took a week to pull infected apps.

An Android developer has hit out at Google for the time it took to react to hijacked apps in its Market store.

There is continuing confusion over the severity of a rash of Android malware that forced Google to remove at least 21 apps from its Market, but at least one developer claimed Google could have reacted much more quickly after being informed of the threat more than a week ago.

The problem was brought to light by Reddit blogger Lompolo, who found the DroidDream virus in two apps listed on the official Market store.

After further investigation, the infected app count quickly rose to 21, while analysts at Lookout Mobile Security put the number of infected apps as high as 50.

The virus was packaged into apps that were stolen from their original developers and reposted in the Market with the virus included.

 

 

“I randomly stumbled into one of the apps, recognised it and noticed that the publisher wasn’t who it was supposed to be,” said Lompolo.

“Super Guitar Solo, for example, is originally Guitar Solo Lite. I downloaded two of the apps and extracted the APKs [Android Package files], they both contained what seems to be the 'rageagainstthecage' root exploit.”

While news of the virus emerged yesterday, the developer of the original app said he had known about the problem for more than a week, and received no response from Google despiting flagging the rogue apps as infected imposters.

“I'm the developer of the original Guitar Solo Lite,” the developer posted under the Reddit user name Coding Caveman. “I noticed the rogue app a bit more than a week ago because I was receiving crash reports sent from the pirated version of the app.

“I notified Google about this through all the channels I could think of: DMCA notice, malicious app reporting and Android Market Help.

"After yesterday's media coverage, Google finally contacted me and apologised for the delayed response, but there really should be a faster/easier way to get Google to act on it!"

Google has not issued a statement regarding the issue, but told PC Pro it was looking into the security problem, and three accounts that were posting the apps appear to have been removed from the Market.

According to Lompolo and Android security websites, the virus not only sends personal information such as the device number to overseas servers, but also opens a back door.

A full list of apps that might be affected can be found at the Lookout Mobile Security website, but the flaw used to root the operating system was fixed in Android 2.2.2 and 2.3, so anyone who has updated need only remove rogue applications.

This article originally appeared at pcpro.co.uk

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © Alphr, Dennis Publishing
Tags:
aappsdevelopergoogleinfectedpullsecuritytotookweek

Partner Content

Why rethinking your CMS is crucial for customer retention
Promoted Content Why rethinking your CMS is crucial for customer retention
Avoiding CAPEX by making on-premise IT more cloud-like
Promoted Content Avoiding CAPEX by making on-premise IT more cloud-like
How to turn digital complexity into competitive advantage
Promoted Content How to turn digital complexity into competitive advantage
Security: Understanding the fundamentals of governance, risk & compliance
Promoted Content Security: Understanding the fundamentals of governance, risk & compliance

Sponsored Whitepapers

Free eBook: Digital Transformation 101 – for banks
Free eBook: Digital Transformation 101 – for banks
Why financial services need to tackle their Middle Office
Why financial services need to tackle their Middle Office
Learn: The latest way to transfer files between customers
Learn: The latest way to transfer files between customers
Extracting the value of data using Unified Observability
Extracting the value of data using Unified Observability
Planning before the breach: You can’t protect what you can’t see
Planning before the breach: You can’t protect what you can’t see

Events

  • Forrester Technology & Innovation Asia Pacific 2022
By Stewart Mitchell
Mar 4 2011
11:18AM
0 Comments

Related Articles

  • ACCC greenlights Google's buy of Mandiant
  • Google Cloud joins AWS, Azure in gov data sovereignty scheme
  • Poor patching creates easy zero-day vulnerability reuse
  • ACCC starts review of Google's Mandiant buyout
Share on Twitter Share on Facebook Share on LinkedIn Share on Whatsapp Email A Friend

Most Read Articles

NSW Police dumps Bezos-backed Mark43 from core systems overhaul

NSW Police dumps Bezos-backed Mark43 from core systems overhaul

Australian court finds insurer not liable for ransomware clean-up costs

Australian court finds insurer not liable for ransomware clean-up costs

ADHA extends Accenture's My Health Record support deal for $100m

ADHA extends Accenture's My Health Record support deal for $100m

Wesfarmers to stand up offensive cyber security capabilities

Wesfarmers to stand up offensive cyber security capabilities

Digital Nation

COVER STORY: How KPMG, Mirvac and ASX use blockchain to build trust in the property sector
COVER STORY: How KPMG, Mirvac and ASX use blockchain to build trust in the property sector
Australia will lose 11 percent of jobs to automation by 2040: Forrester
Australia will lose 11 percent of jobs to automation by 2040: Forrester
Metaverses on the agenda for Dominello, Husic ministerial meeting
Metaverses on the agenda for Dominello, Husic ministerial meeting
Criteo to fork out $94.7m for consent breaches
Criteo to fork out $94.7m for consent breaches
Domino’s invests in observability for zero contact delivery
Domino’s invests in observability for zero contact delivery
All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's Privacy Policy and Terms & Conditions.