This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

Google removes malicious applications from Android Market and offers security fix for devices

Share this article:

Google has confirmed that it is removing malicious applications from both its Android Market and from affected devices.

As revealed by SC Magazine last week, Google removed 21 free applications from its Android market after they were discovered to be malicious. The applications were intent on getting root access to the user's device, gathering a wide range of available data and downloading more code to it without the user's knowledge.

Rich Cannings, Android security lead, said that it had removed the malicious applications from the Android Market, suspended the associated developer accounts and contacted law enforcement about the attack. Regarding remotely removing the malicious applications from affected devices, he pointed to a remote application removal feature as ‘one of many security controls the Android team can use to help protect users from malicious applications'.

He said: “We are pushing an Android Market security update to all affected devices that undoes the exploits to prevent the attacker(s) from accessing any more information from affected devices. If your device has been affected, you will receive an email from android-market-support@google.com over the next 72 hours.

“You will also receive a notification on your device that ‘Android Market Security Tool March 2011' has been installed. You may also receive notification(s) on your device that an application has been removed. You are not required to take any action from there; the update will automatically undo the exploit. Within 24 hours of the exploit being undone, you will receive a second email.”

Looking back at the incident, Cannings said that it acted ‘within minutes of becoming aware' of a number of malicious applications that were being published to the Android Market.

“The applications took advantage of known vulnerabilities which don't affect Android versions 2.2.2 or higher. For affected devices, we believe that the only information the attacker(s) were able to gather was device-specific (IMEI/IMSI, unique codes which are used to identify mobile devices, and the version of Android running on your device). But given the nature of the exploits, the attacker(s) could access other data, which is why we've taken a number of steps to protect those who downloaded a malicious application,” he said.

“We always encourage you to check the list of permissions when installing an application from Android Market. Security is a priority for the Android team, and we're committed to building new safeguards to help prevent these kinds of attacks from happening in the future.”


Share this article:

SC webcasts on demand

This is how to secure data in the cloud


Exclusive video webcast & Q&A sponsored by Vormetric


As enterprises look to take advantage of the cloud, they need to understand the importance of safeguarding their confidential and sensitive data in cloud environments. With the appropriate security safeguards, such as fine-grained access policies, a move to the cloud is as, or more, secure than an on-premise data storage.


View the webcast here to find out more

More in News

Banking Trojans target energy sector as APTs

Banking Trojans target energy sector as APTs

Banking Trojans are increasingly being used to launch advanced APT attacks, says IBM Trusteer, which has revealed a recent attack on several petrochemical companies in the Middle East using Citadel ...

Britain's small cyber security firms get £4m boost

Britain's small cyber security firms get £4m boost

Business secretary Vince Cable has launched a new £4 million government competition to help the UK's small cyber security businesses find new ways to combat the cyber threat.

GCHQ 'spied on Germany's Deutsche Telekom'; Germans sell spyware

GCHQ 'spied on Germany's Deutsche Telekom'; Germans sell ...

UK and US spies reported to spy on Deutsche Telekom in Snowden documents, while Germany's FinFisher accused of supplying surveillance software to repressive regimes.