Our website uses cookies

Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing Infosecurity Magazine, you agree to our use of cookies.

Okay, I understand Learn more

Google tackles Android malware-fest

As reported last week, as many as 200,000 users of Android smartphones may have been subverted by infected versions of legitimate apps offered for download on the Android Market, the Google equivalent of the Apple iTunes store.

In a weekend posting, Rich Cannings, Android's security lead, said that he and his team became aware of the DroidDream infections last week and removed the offending apps.

The malware, he says, took advantage of known vulnerabilities which do not affect Android versions 2.2.2 or higher.

Infosecurity notes that tens of millions of Android smartphones - even those being sold today - are based on Android 2.1 or earlier.

They cannot be updated without reflashing the driver chipsets of the handset, a task that only a small percentage of users are capable of doing.

Cannings also asserts that the DroidDream malware only harvested the serial numbers (IMEI/IMSI) of the mobiles, but given the nature of the exploits, the attacker(s) could access other data, which he explained is why Google has taken a number of steps to protect those who downloaded a malicious application.

"We removed the malicious applications from Android Market, suspended the associated developer accounts, and contacted law enforcement about the attack", he said.

We are remotely removing the malicious applications from affected devices. This remote application removal feature is one of many security controls the Android team can use to help protect users from malicious applications", he added.

The good news is that Google is now pushing an Android security update to all the affected devices "to prevent the attacker(s) from accessing any more information from affected devices."

In parallel with this, the Android security lead says he and his team are adding a number of measures to help prevent additional malicious applications using similar exploits from being distributed through Android Market.

Google is also, he says, working with our partners to provide the fix for the underlying security issues.

"Security is a priority for the Android team, and we're committed to building new safeguards to help prevent these kinds of attacks from happening in the future", he noted.


What’s Hot on Infosecurity Magazine?