In what is the most serious breach of Android's security yet, a number of apps found on Google's Android Market contains code that could steal your data and leave your phone in a vulnerable state for further attacks.
Over 50 apps have been pulled by Google from Android Market, but it is unknown how many phones have already been infected, since these apps have been downloaded hundreds of thousands of times already combined.
Android phones using earlier versions of the Android operating system (pre 2.2.2 and 2.3) contain a security flaw that allows the rooting of the OS, which then opens a "backdoor" that enables more malware to be installed onto the phone.
The malware apps also steal the phone user's information, including the phone's unique IMEI number.
Google has taken swift action, removing the offending apps minutes after they were warned of the problem by Android Police. Google has pulled the apps from the market, and also remotely from people's phones, but a full reset of the phone is the only way to ensure the OS is not compromised for those that have run the offending apps.
Security software firm Trend Micro only recently issued a warning regarding the increased security vulnerability of Android phones compared to other phones.
Android Police has published a list of offending apps here:
http://www.androidpolice.com/2011/03...open-backdoor/
Who's to blame? Google's lack of policing of the Android Market? The security flaw found in the OS that wasn't fixed until later versions? Or the massive piracy and third party app downloading scene for the platform? Post your opinion on this news story in the comments section, or in this forum thread:
http://forum.digital-digest.com/showthread.php?t=94610
Home
