Android Apps Hacked
Please Login to Remove!
Google has pulled 21 popular free apps from Android Market, the official company store for purchasing apps for Android smartphones.
As a result of being the most open of the top-selling smartphone platforms, Android has been the most intensely probed and attacked by malicious software developers.
Up until now most of the Android malware had been found outside of the Android Market, says Tim Armstrong, malware researcher at Kaspersky Lab. The breakthrough in this hack: The bad guys were able to plant poisoned copies of 21 popular apps in Android Market.
Another, more subtle breakthrough has to do with the way the hackers were able to include a "jailbreaking" component embedded in the poisoned apps that they managed to slip into Google's official apps store.
Jailbreaking refers to gaining root access to your phone's operating system. It is most commonly associated with iPhones. You need to jailbreak Apple's security to plant any malicious code on the iPhone. There have been a number of successful jailbreaking hacks of the iPhone, but this is not something that is trivial to do.
In this case, says Armstrong, the hackers made available poisoned apps carrying the capacity to gain root access to the Android operating system. (Technologists refer to this as "rooting" the Android, the equivalent of "jailbreaking" an iPhone.)
In essence, the 21 poisoned apps came preloaded to root the Android OS as the first step in corrupting the phone. Google says the poisoned apps were designed to harvest a wide range of available data and download more malicious instructions. At least 50,000 Android users downloaded a poisoned app before Google -- alerted by the Android Police bloggers -- intervened.
Lookout Mobile Security says it has discovered more similarly poisoned apps. "In all, more than 50 apps, including those from Myournet, have been identified and suspended from the market," says CTO Kevin Mahaffey.
"THE GUY YOUR MOTHER WARNED YOU ABOUT"