Google tackles Android malware-fest

08 March 2011

If you've been reading Infosecurity's news pages in recent weeks and months, you're probably aware of the dangers lurking in the Android open source smartphone environment. Now Google - the developer of Android - has woken up to the fact as well, and is promising to remediate the security problem.

As reported last week, as many as 200,000 users of Android smartphones may have been subverted by infected versions of legitimate apps offered for download on the Android Market, the Google equivalent of the Apple iTunes store.

In a weekend posting, Rich Cannings, Android's security lead, said that he and his team became aware of the DroidDream infections last week and removed the offending apps.

The malware, he says, took advantage of known vulnerabilities which do not affect Android versions 2.2.2 or higher.

Infosecurity notes that tens of millions of Android smartphones - even those being sold today - are based on Android 2.1 or earlier.

They cannot be updated without reflashing the driver chipsets of the handset, a task that only a small percentage of users are capable of doing.

Cannings also asserts that the DroidDream malware only harvested the serial numbers (IMEI/IMSI) of the mobiles, but given the nature of the exploits, the attacker(s) could access other data, which he explained is why Google has taken a number of steps to protect those who downloaded a malicious application.

"We removed the malicious applications from Android Market, suspended the associated developer accounts, and contacted law enforcement about the attack", he said.

"We are remotely removing the malicious applications from affected devices. This remote application removal feature is one of many security controls the Android team can use to help protect users from malicious applications", he added.

The good news is that Google is now pushing an Android security update to all the affected devices "to prevent the attacker(s) from accessing any more information from affected devices."

In parallel with this, the Android security lead says he and his team are adding a number of measures to help prevent additional malicious applications using similar exploits from being distributed through Android Market.

Google is also, he says, working with its partners to provide the fix for the underlying security issues.

"Security is a priority for the Android team, and we're committed to building new safeguards to help prevent these kinds of attacks from happening in the future", he noted.

 

This article is featured in:
Malware and Hardware Security  •  Wireless and Mobile Security

 
