More than 50 programs Android on Google's market has been discovered to be infected malware called with "DroidDream", which can compromise personal data by taking over the user's device, and which has been "suspended" from the store.
Google removed apps from the market immediately on being alerted, but it is not clear whether it has removed them from the entities to which they are retrieved. As many as 200,000 Android devices may have become infected.
The revelation comes from Android police, a news site on Google's operating system, which calls it "the mother of all Android malware", noting that its investigation had found that the "stealing almost everything: product ID, model, partner (provider?), language, country and userID. But it is all child's play; true pièce de résistance is that it has the ability to download additional code. In other words, there is no way to know what the app does after it is installed, and the possibilities are almost infinite. "
LookOut, one company, security, as in a blog post shows the 50-plus apps discovered to be infected. (The list is also below, via the Lookout).
Smartphones running Google Android software have been extremely popular and is the manufacturing company to be close to taking over the entire world as ahead of Finland's fastest-selling smartphone the Nokia platform. Its growth has been fuelled by the fact that the software is free license, and for developers that are free or control to put apps on the market – in contrast to Apple's iPhone App store, which checks each app against a suite of tests for suitability before allowing it in its inventory.
This has led market is growing rapidly, but also to situations such as the latest – which is not the first case of malware found on the market – harder to avoid.
The malware was first discovered by a reddish user Lompolo, who spotted, develops a malware apps also had the posted pirated versions of legit apps, using the developer name "myournet". But two other developers products have also found to include DroidReam.
Lompolo remarked that "myournet" had "taken 21 popular free apps from the market, injected them root exploit [code] and re-released". More worrying, they had seen between 50,000 and 200,000 downloads completely in just four days.
DroidDream contains code that can "root" – take control of – a user's decice, and send detailed information such as your phone's IMEI (International Mobile equipment identity) and IMSI (International Mobile subscriber identity) number and send them to remote servers. But as Android police team found, the code can go much further in rooting through a telephone.
Update: details about how the root code hereworks. Note that this is a "privilege escalation" attack-when the app starts, it uses the fact that it has user rights to jump out of his sandbox and root the phone.
It is a rather brutal reminder that Androids openness is both strength and at times like this, a weakness – but Google's quick action, which withdrew the apps from the Android market within just five minutes of being alerted, are encouraging.
It now looks likely that security companies will begin to compete to offer antivirus and anti-malware products for Android devices – which, given its rapid growth could prove a fruitful area for those with PC sales flattened.
If you have downloaded apps below, you must contact your telephone company.
Full list of infected programs published by the "myournet": • fall • Super guitar solo • Super history Eraser • Photo Editor • Super Ring tone Maker • Super Sex positions • Hot Sexy Videos • chess • ???? _Falldown • Hilton Sex Sound • Screaming Sexy Japanese girls • fall Ball Dodge • scientific calculator • dice rolls • ???? • advanced currency converter • App Uninstaller • ???? _PewPew • Funny • Spider Man • paint ???
Full list of infected programs published by the "Kingmall2010 5?: • Bowling time • advanced Barcode Scanner • Supre Bluetooth transfer • task Killer Pro • music box • sexy girls: Japanese • Sexy Legs • Advanced File Manager • Magic Strobe light • ?????? • ????Panzer • panic ????Mr. Runner • ?????? • advanced App to SD • Super stopwatch and timer • advanced compass Leveler • best password safe • ??? • ????
Full list of infected apps under Developer name "we20090202 5?: • • Finger Race • piano • bubble Shoot • Advanced Audio Manager • Magic Hypnotic Spiral • Funny face • color blindness Test • bind a necktie • quick notes • Basketball shots now • Quick delete contacts • Omok five in a row • Super sexy ringtones • ????? • ????? • ????
No comments:
Post a Comment