Google tackles Android malware-fest

08 March 2011

If you've been reading Infosecurity's news pages in recent weeks and months, you're probably aware of the dangers lurking in the Android open source smartphone environment. Now Google - the developer of Android - has woken up to the fact as well, and is promising to remediate the security problem.

As reported last week, as many as 200,000 users of Android smartphones may have been subverted by infected versions of legitimate apps offered for download on the Android Market, the Google equivalent of the Apple iTunes store.

In a weekend posting, Rich Cannings, Android's security lead, said that he and his team became aware of the DroidDream infections last week and removed the offending apps.

The malware, he says, took advantage of known vulnerabilities which do not affect Android versions 2.2.2 or higher.

Infosecurity notes that tens of millions of Android smartphones - even those being sold today - are based on Android 2.1 or earlier.

They cannot be updated without reflashing the driver chipsets of the handset, a task that only a small percentage of users are capable of doing.

Cannings also asserts that the DroidDream malware only harvested the serial numbers (IMEI/IMSI) of the mobiles, but given the nature of the exploits, the attacker(s) could access other data, which he explained is why Google has taken a number of steps to protect those who downloaded a malicious application.

"We removed the malicious applications from Android Market, suspended the associated developer accounts, and contacted law enforcement about the attack", he said.

"We are remotely removing the malicious applications from affected devices. This remote application removal feature is one of many security controls the Android team can use to help protect users from malicious applications", he added.

The good news is that Google is now pushing an Android security update to all the affected devices "to prevent the attacker(s) from accessing any more information from affected devices."

In parallel with this, the Android security lead says he and his team are adding a number of measures to help prevent additional malicious applications using similar exploits from being distributed through Android Market.

Google is also, he says, working with its partners to provide the fix for the underlying security issues.

"Security is a priority for the Android team, and we're committed to building new safeguards to help prevent these kinds of attacks from happening in the future", he noted.


This article is featured in:
Malware and Hardware Security  •  Wireless and Mobile Security

