Malicious apps were uploaded to Google's Android Market at the weekend.
According to F-Secure, the apps included malware that, if installed, attempted to send SMS messages to premium-rate numbers. Trojanised versions of popular apps were uploaded by the developer ‘Logastrod’; these included downloaders for Angry Birds, Cut the Rope, Need for Speed: Shift, and Assassin's Creed: Revelations. Malicious apps were also uploaded by another rogue developer, ‘Miriada Production’.
Google removed the apps after being notified of the issue. However, according to mobile security firm Lookout, the apps were downloaded around 14,000 times. A Google spokesperson declined to comment on the incident.
Lookout claimed that Google responded quickly to its reports and pulled the apps from the Android Market. At the time of removal, it said, the applications had been downloaded by only a relatively small number of users, and the severity of the threat was low.
“However, the fraudsters posted 13 new supposed downloaders to the Android Market, once again positioned as free versions of popular games. It appears that these apps may have reached a broader audience while published to the market,” it said.
Vanja Svajcer, principal virus researcher at SophosLabs, said: “Logastrod exploited the ease of cloning Android apps, made Trojanised copies of many popular games and uploaded them to the Market. The attacker created at least a dozen copies of the most popular games and published them as a free version after adding code to send SMS messages to premium-rate numbers.
“Misusing premium SMS services is the most common model for malicious mobile malware. When a malicious app is installed, it starts sending or receiving messages, which makes the installation very expensive for the user. The damage is often seen only when it is too late, once a monthly bill is received.
“We have already stated several times that the requirements for becoming an Android developer that can publish apps to the Android Market are far too relaxed. The cost of becoming a developer and being banned by Google is much lower than the money that can be earned by publishing malicious apps. The attacks on Android Market will continue as long as the developer requirements stay too relaxed.”