Watch out for malware hidden in Android apps
As much as Google’s Android Market has been lauded for its near instantaneous approval of developers’ apps, it’s now taking flak for malware-infected apps popping up in the service. Google recently removed at least 10 applications from its Android Market because they all had malicious code disguised as add-ons to one of the most popular apps of all time.
The Angry Birds app, for instance, include “a spyware program called Plankton, which connects to a remote server and uploads phone information like the IMEI number, browser bookmarks and browsing history,” Wired reports.
Webroot analysts Andrew Brandt and Armando Orozco investigated Plankton and found how its file names could confuse users. “Some of the samples we looked at came as Android apps with names like Angry Birds Rio Unlocker v1.0, Angry Birds Multi User v1.00 or Angry Birds Cheater Trainer Helper V2.0,” they wrote in a blog post.
When you install the malware-infected apps, the following message appears: “Welcome! Simply click on the button below to unlock ALL levels in Angry Birds Rio. This will not delete your scores but might change the number of pineapples and bananas you have.”
The installed code then gives remote access to the malware creator, whose identity remains unknown.
The analysts said users should be smart about what they download. “Android users can protect themselves by using a little common sense when they download apps: Does the app sound like what it promises to do is too good to be true? Does it ask for all kinds of permissions that it shouldn’t need to fulfill its mission? Did you get it from the official Market or a legitimate app store such as Amazon, or from some random app collection?”
The malware found in these Android apps raise a troubling question for Google. Its Android Market wins praise for not having months-long waiting periods for apps to be available to users, unlike Apple’s App Store. “However, the Android Market’s app submission process comes at a cost. Google’s lack of vetting applications lends the Market to security vulnerabilities like these,” Wired writes. “Google mostly relies on a self-policing community…to spot offending apps, which means malware can sit in the market for months before someone spots it.”
Google has faced this problem before. In March, users reportedly downloaded as many as 200,000 of the free apps infected with malware before Google pulled them from the Market.