Android market attacked – killswitch used

01 Apr 11

Google was forced to issue an emergency security update in March after a number of malicious applications were published to its Android Market. The fraudulent applications were said to be part of an attack that was labelled ‘Droid Dream’.  
"Within minutes of becoming aware, we identified and removed the malicious applications,” said Android Security Lead, Rich Cannings. The applications were said to have taken advantage of known vulnerabilities in older handset devices but they wouldn’t have affected Android versions 2.2.2 or higher. Any one running Gingerbread or Honeycomb versions of Android shouldn’t have anything to worry about.
Hackers would have been able to gather information about the affected mobile devices and in some cases access other data. "We’ve taken a number of steps to protect those who downloaded a malicious application,” said Google who added that it would remotely remove the malicious apps from affected devices via a new killswitch feature. "This remote application removal feature is one of many security controls the Android team can use to help protect users from malicious applications,” continued Cannings.
An Android Market security update was sent out to all affected devices that undoes the exploits and prevents the attackers from accessing any more information. Users were also told to expect a message that an application has been removed. Google confirmed that the attack had been reported to the police. The web version of the Android Market was only launched in February, allowing users to browse and download apps from their desktops.

Share on: LinkedIn Twitter Facebook