ie8 fix

Between the Lines

Larry Dignan, Andrew Nusca and Rachel King
Home / News & Blogs / Between the Lines

Google's Android wears big bullseye for mobile malware

By | March 6, 2011, 5:16pm PST

Google has responded to an Android market malware scare by removing the applications remotely. But Google’s incident with malware is only likely to be the beginning as future attacks are certain.

In a blog post, Google’s mobile team noted that it discovered a bunch of malware published on the Android Market. “Within minutes of becoming aware” Google removed the apps. These applications took advantage of vulnerabilities that don’t affect Android 2.2.2 or higher. The attackers got device specific codes and could have poached data. Google added that it will reverse the damage done remotely too.

Google said it is “adding a number of measures to help prevent additional malicious applications using similar exploits from being distributed through Android Market.” In other words, Google’s game of malware Whac-A-Mole has just started. Kaspersky’s Roel Schouwenberg said on Zero Day:

Up until now Android malware had only been found in third party marketplaces and web sites. Now, the malicious apps are living in Google’s own garden. This is particularly important because there are quite a few service providers who don’t allow their customers to install non-marketplace applications. In addition, people seem to inherently trust applications that reside in a central repository.

Add it up and Android may wind up having its Microsoft moment when it comes to security. Microsoft was lax, targeted because it had the market share and then became greatly improved with regular patch updates. Overall, I’d rate Microsoft as very good when it comes to security. After years of being pummeled Microsoft got its act together. Microsoft isn’t perfect, but has improved dramatically.

Also: Google kind of, sort of, addresses Android Malware

Now Google’s journey is beginning. This recent Android security issue is likely to be just the start. Now it’s possible this Google attack is just a one-off, but that’s unlikely. The stakes are too high.

Meanwhile, all the ingredients are there for an ongoing Android security issue. To wit:

  1. The Android Market is a free for all. A publisher pushed malware armed apps public without any issues. Why? There are no approval processes. Malware authors would have had a tougher time elsewhere.
  2. Android is the top mobile OS in market share and growing. Malware and market share go together nicely. Hackers need incentives and a big market to target is all they need.
  3. Google is untested. Sure, Google is good on security elsewhere, but mobile is a new game. With one successful malware attack complete, rest assured others will follow. How will Google prevent these items from hitting the Android Market?

Simply put, Google is quite the honey pot for attackers. Game on.

Kick off your day with ZDNet's daily e-mail newsletter. It's the freshest tech news and opinion, served hot. Get it.

More from “Between the Lines”

Topics

Google Inc., Android Market, Google Android, Mobile, Malware, Spyware, Adware & Malware, Cyberthreats, Viruses And Worms, Security, Larry Dignan

Larry Dignan is Editor in Chief of ZDNet and SmartPlanet as well as Editorial Director of ZDNet's sister site TechRepublic.

Disclosure

Larry Dignan

Larry Dignan has nothing to disclose. He doesn’t hold investments in the technology companies he covers.

Biography

Larry Dignan

Larry Dignan is Editor in Chief of ZDNet and SmartPlanet as well as Editorial Director of ZDNet's sister site TechRepublic. He was most recently Executive Editor of News and Blogs at ZDNet. Prior to that he was executive news editor at eWeek and news editor at Baseline. He also served as the East Coast news editor and finance editor at CNET News.com. Larry has covered the technology and financial services industry since 1995, publishing articles in WallStreetWeek.com, Inter@ctive Week, The New York Times, and Financial Planning magazine. He's a graduate of the Columbia School of Journalism and the University of Delaware.

For daily updates, follow Larry on Twitter.

70
Comments
Add Your Opinion

Join the conversation!

Just In

RE: Amazon's third quarter fails to impress
drumandyou 9th Mar
Now Google???s journey is beginning. This recent Android security issue is likely to be just the start. Now it???s possible this Google attack is just a one-off, but that???s unlikely. The stakes are too high. http://france-pharma.com | http://bluepillsau.com | http://edproblemsolver.com Meanwhile, all the ingredients are there for an ongoing Android security issue.
View in thread
0 Votes
+ -
RE: Google's Android wears big bulls eye for mobile malware
Delvardo 6th Mar 2011
Two words: Up Dates

Or lack thereof.
0 Votes
+ -
RE: Google's Android wears big bulls eye for mobile malware
Peter Perry 6th Mar 2011
@Delvardo yep, with the exception of phones that don't run it well.
0 Votes
+ -
av-software
banned from zdnet Updated - 7th Mar 2011
@Delvardo
agreed.

and android settlers, get ready for your annual anti-virus software subscription.
0 Votes
+ -
RE: Google's Android wears big bulls eye for mobile malware
lariosshow 14th Mar 2011
@Delvardo hey happy
www.awwgame.com
0 Votes
+ -
RE: Amazon's third quarter fails to impress
drumandyou 9th Mar
Now Google???s journey is beginning. This recent Android security issue is likely to be just the start. Now it???s possible this Google attack is just a one-off, but that???s unlikely. The stakes are too high. http://france-pharma.com | http://bluepillsau.com | http://edproblemsolver.com Meanwhile, all the ingredients are there for an ongoing Android security issue.
0 Votes
+ -
RE: Google's Android wears big bulls eye for mobile malware
tringo007 29th Sep
This is really interesting, You're a very skilled blogger. I've joined your rss feed and look forward to seeking more of your excellent post. Also, I've shared your site in my social networks! gates millenium scholarship
0 Votes
+ -
RE: Google's Android wears big bulls eye for mobile malware
Rama.NET Updated - 6th Mar 2011
It is a big mess already. Only thing has to do in order to save its users from malware, work with OEMs, carriers and make sure any device that is running with Eclair and up is upgraded to Gingerbread or higher. This way all the users would be happy while they are fixing market. Otherwise, it will be the same. I think sometime last year they had to let few apps go because of malware and piracy practices after those apps were approved and sold for some period, why can't they have tighter control on app approval like Apple and Microsoft.
0 Votes
+ -
RE: Google's Android wears big bulls eye for mobile malware
Traxxion 7th Mar 2011
@Rama.NET
To be honest, I'd rather have an open platform and take the risk than work with a closed platform. Windows Mobile was a completely open platform. I would love to adopt Windows Phone 7, but because it is closed I am not interested and Android is pretty much my only option now.

I'd rather manage my own applications thanks!
0 Votes
+ -
RE: Google's Android wears big bulls eye for mobile malware
Pete "athynz" Athens 7th Mar 2011
@Traxxion But even with Android you are NOT fully in control. Google has the right to remotely kill any app you have on your device. So in essence THEY also manage your apps. how is this any different from the WP7 and iOS platforms?
0 Votes
+ -
RE: Google's Android wears big bulls eye for mobile malware
Traxxion 23rd May 2011
@athynz
Very true, and it is annoying, but Android is at least a more open platform than WP7 and iOS. Plus, it is pretty much the only option left since MS and developers are working to kill off WM.

Personally, for now I have elected to buy a WM6.5 with 1GHz snapdragon. I have always preferred Windows Mobile and at least this time around I can still have it without sacrificing performance! happy

However, the outlook for the future of mobile is bleak... very bleak....
0 Votes
+ -
RE: Google's Android wears big bulls eye for mobile malware
set.dcds@... 3rd Nov
You deserve the best and I know this will just add to your very proud accomplishments in your already beautiful and deserving blessed life. I wish you all the best and again. Thanks a lot..
PetFoodGuides.net
0 Votes
+ -
RE: Google's Android wears big bulls eye for mobile malware
betabrdr 19th Nov
Well written ! i have to admit that it's very informative article. This really is another really very amazing and interesting publish. You've provided the publish that's proportional to the interest. Thank you for this publish.
credit card processing
0 Votes
+ -
RE: Google's Android wears big bulls eye for mobile malware
karmanjn 4th Nov
You deserve the best and I know this will just add to your very proud accomplishments in your already beautiful and deserving blessed life. I wish you all the best and again. Thanks a lot.. Breitling Watches
0 Votes
+ -
This attack was a 5 or 6 off.
Bruizer Updated - 7th Mar 2011
Why do tech bloggers keep thinking this is the first instance of malware in the Android Market. Over the 15 months or so, it is averaging about every 3 months.

Given Google has activated 65,000,000 million Android phones (as of MWC) and Apple has delivered 100,000,000 million iPhones (as of iPad event) to consumers, it is surprising malware is targeting the lower available market share.

[edit] It was 67,000,000 units activated for 2010 and 5,000,000 units activated for 2011. If you add in the 2011 totals, Android is at 91,000,000 units activated at the time iPhones had 100,000,000 units delivered. Basically both iOS and Android are kicking butt.
0 Votes
+ -
RE: Google's Android wears big bulls eye for mobile malware
Peter Perry 6th Mar 2011
@Bruizer could you show some evidence for once? Also, Android is #1 and that pisses you off huh? =D
0 Votes
+ -
I am going off of Google's and Apple's numbers.
Bruizer 6th Mar 2011
@Peter Perry

Not market research numbers that count incompatible branches like Tapas and OMS as part of the Android eco-system. It does not bother you in the slightest that market analysts differ by over 100% when compared to Google's numbers? Are you a little lemming unable to think for your self?

I will give you one. Do this: Google "fake bank apps in android marketplace". That is an easy one. If you are brave, go find the other 4 instances of malware getting the old remote kill switch.

Are you brave enough in your convictions? I doubt it. My guess is your hatred of all things Apple will drive to keep your head buried deep in the sand.
0 Votes
+ -
RE: Google's Android wears big bulls eye for mobile malware
Peter Perry Updated - 7th Mar 2011
@Bruizer I have no issues with challenging my convictions but if you're so convinced this is a life threatening issue then why beat around the bush, come on, show us all these exploits.

As for the bank situation, my bank has the app right on their website so I just get it from them... something not possible with iOS.

Oh and Google has more unique activations which is why it is number one because you're not going to use an iPhone 3GS and iPhone 4 at the same time.
0 Votes
+ -
RE: Google's Android wears big bulls eye for mobile malware
Pete "athynz" Athens 7th Mar 2011
@Peter Perry Here's a few links I found...

http://arstechnica.com/gadgets/news/2011/03/google-using-remote-kill-switch-to-swat-android-malware-apps.ars

The most recent attack.

http://www.wired.com/gadgetlab/2010/06/google-flips-remote-kill-switch-on-android-apps/

June 25th 2010... Two instances so far. This is googling "Google Remote Kill Switch" Let me try another search.

http://www.zdnet.com/blog/google/android-malware-in-the-wild/2724

This one is dated December 29th 2010... Three of them now.

http://www.computerworld.com/s/article/9180561/New_Android_malware_texts_premium_rate_numbers

Here's one from August 11th 2010...

Do I really need to keep going? Face facts Peter Perry Android is flawed. It is NOT the perfect be all, end all mobile OS you like to claim it to be. It is just as vulnerable - if not more so - to malware as any other mobile OS. Why is this so hard for you to acknowledge?
0 Votes
+ -
You have serious issues with your convictions.
Bruizer 7th Mar 2011
@Peter Perry

I have no issues with challenging my convictions but if you're so convinced this is a life threatening issue then why beat around the bush, come on, show us all these exploits.

I gave you one and challenged you to open your mind and actually find the others. That you are unwilling to do that indicates you are afraid of what you might actually find. In short, your convictions are weak. BTW: Where did I say this was life threatening?

Do you really think side-loading is the solution to all of this? Do you really think that best serves the user base? I don't.
0 Votes
+ -
RE: Google's Android wears big bulls eye for mobile malware
rfoto 7th Mar 2011
@Peter Perry
Just curious, but what bank has an Android App and not an IPhone App?
0 Votes
+ -
@ rfoto
Bruizer 7th Mar 2011
Peter Perry was referring to having to side-load his Bank's mobile app instead of it being on the Market Place.

iOS has all its bank apps (like Chase or Wells Fargo) on the AppStore.

Because of this, it negates Android's previous malware of phishing apps disguised as legitimate bank apps.
0 Votes
+ -
RE: Google's Android wears big bulls eye for mobile malware
non-biased 10th Mar 2011
@Peter Perry Android is #1 in smartphones (and malware wink ) but iOS overall has a larger install based.
0 Votes
+ -
RE: Google's Android wears big bulls eye for mobile malware
shounehds 2nd Nov
This is excellent post. Its having good description regarding this topic.It is informative and helpful.I have known many information from this. Thanks for shearing.
Feriehus i Tyrkia
0 Votes
+ -
RE: Google's Android wears big bulls eye for mobile malware
majborejfg 4th Nov
Thanks so much for this! I have not been this thrilled by a blog post for quite some time! You???ve got it, whatever that means in blogging. Anyway, You???re definitely someone that has something to say that people should hear. Keep up the wonderful job.
San Francisco homes for sale
0 Votes
+ -
RE: Google's Android wears big bulls eye for mobile malware
majborejfg 4th Nov
I really loved reading your blog. It was very well authored and easy to understand. Unlike additional blogs I have read which are really not good. I also found your posts very interesting. In fact after reading, I had to go show it to my friend and he enjoyed it as well!
mill valley homes for sale
0 Votes
+ -
RE: Google's Android wears big bulls eye for mobile malware
shounehds 3rd Nov
This is what I have been searching in many websites and I finally found it here. Amazing article. I am so impressed. Could never think of such a thing is possible with it???I think you have a great knowledge especially while dealings with such subjects.
Panerai Watches
0 Votes
+ -
RE: Google's Android wears big bulls eye for mobile malware
majborejfg 4th Nov
I enjoyed reading the list of recipients for the Horton Awards. Thank you for making them available and acknowledging the contributions that these artists have made to the Southern Caifornia dance scene over the years. It is valuable to have a sense of this history for many reasons.
sydney escorts services
0 Votes
+ -
RE: Google's Android wears big bulls eye for mobile malware
majborejfg 4th Nov
Glad to have found the information matching my criteria. This will really help me in completing my work easily and on time. Thanks for sharing.
homes for sale Novato
0 Votes
+ -
RE: Google's Android wears big bulls eye for mobile malware
karmanjn 14th Nov
Very nice site and article. Amazing one, i appreciate this work.... This is a wonderful post Hey I see smart blog, I love it greatly because I cannot find anything better than your authors.Thanks, I agree that this will be a great help for me Panerai Watches
0 Votes
+ -
RE: Google's Android wears big bulls eye for mobile malware
karmanjn 14th Nov
Excellent and decent post. I have found much informative, what I was exactly searching for. Thanks for such post and please keep it up.
Sleep remedies
0 Votes
+ -
credit card processing
betabrdr 19th Nov
Good - I should definitely pronounce, impressed along with your website. I had created no trouble navigating through the many tabs in addition to related information became truly easy to do in order to access. Lengthy ago i found whatever hoped for before long in any way. Reasonably unusual. Excellent task..
credit card processing
0 Votes
+ -
I like the within minutes of becoming aware!
tonymcs@... 6th Mar 2011
The real problem is how long it takes them to become aware without any real screening process.

Why would anyone choose Android with its bugs, crashes, multiple versions, tired UI and security free marketplace? Well probably because people are just buying phones and have no idea about Android or its links to the largest advertising company in the world.

There's a lot to be said for more secure marketplaces like WP7 and iOS.
0 Votes
+ -
RE: Google's Android wears big bulls eye for mobile malware
Peter Perry 6th Mar 2011
@tonymcs@... this stuff is always going to exist regardless... remember the walls garden has had a few members break out of the yard and install infected apps on iOS devices as well.

Look, as long as people are allowed freedom to install the software the way they want it will be a small issue.

With Androids open market though, the solution will come from a 3rd party and that party has already announced their Market will be coming with DRM so this will give Google the best of both worlds... freedom for those who want it and penned yard for those that do not.
0 Votes
+ -
RE: Google's Android wears big bulls eye for mobile malware
Peter Perry 6th Mar 2011
@Peter Perry oh I guess what I'm trying to say is, people take their own freedom if you try to take it away from them.

Remember there was a 600k strong proof of concept botnet on iPhone and iPod touches that were jailbroken just last year. You cannot fence people in and expect them to appreciate it... well, except for sheep, they don't know when they're being penned.
0 Votes
+ -
Big issue with Amazon, however.
Bruizer 6th Mar 2011
@Peter Perry

It needs a side load. What is the warning you get on doing a side load on Android?

It is sad actually. Amazon is doing the right thing but most people will be scared off of using a better and more secure option due to the nasty warning Google will place up on the screen when side loading is enabled.

Dude. These are basic devices that are used to track our personal lives. They are not a political statement. Deciding to keep a device that places few limits on your functionality while dramatically increasing the security of your personal information has nothing to do with being a sheep; it has everything to do with basic intelligence.
0 Votes
+ -
RE: Google's Android wears big bulls eye for mobile malware
Peter Perry 7th Mar 2011
@Bruizer well, we'll see what Google does but it is better than blocking you from any source all together.

It is about politics and you still refuse to see it, it is about Apples Politics and them telling you what you can and cannot do with the very expensive device you just bought.

As for the security, what are you putting your social security number in this thing? Seriously, what are you doing with this device that so gravely exposes you? You're right it is about basic intelligence because I'm not so naive to believe that even the mighty apple could keep my device from being compromised.

So answer this, How is Jobs control over his ecosystem not totaliterian? And would you exchange your own personal freedom for a safer city to live in?
0 Votes
+ -
RE: Google's Android wears big bulls eye for mobile malware
Pete "athynz" Athens 7th Mar 2011
@Peter Perry There is a huge difference between what happened with jailbroken iOS devices and the stock Android devices which did NOT have the "allow untrusted repositories" option enabled and using a trusted repository.

Jailbreaking an iOS device is the same as rooting an Android device - one goes into it knowing it's a hack of the OS and that all bets are off in regards to malware.

What happened with this recent malware issue is not the same so do not insult our intelligence by equating the two. IF only rooted Android devices were affected and/or Android devices with that "allow untrusted repositories" option activated then yes you'd have a point.
0 Votes
+ -
Don't confuse business with politics.
Bruizer 7th Mar 2011
@Peter Perry

It is a novice mistake and leads to very poor decisions.

It is about politics and you still refuse to see it, it is about Apples Politics and them telling you what you can and cannot do with the very expensive device you just bought.

No it is about business. Apple's business locks down the device. The politics and law allows you 100% legally to unlock it and do anything you want. From doing bit-torrents to hooking up harddrives to full file system access. These are different things. Apple locks this behind a wall that takes a high level of technical expertise to climb. Google exposes it to everyone with no knowledge.

As for the security, what are you putting your social security number in this thing?

No. Banking (like you except you side-loaded it but a root exploit would fully expose its data). Business. Investments. Finance.

I hear all Android users do is bit-torrent all day.

You're right it is about basic intelligence because I'm not so naive to believe that even the mighty apple could keep my device from being compromised.

So then why has Google had to pull the remote kill switch multiple times. Even with 1/2 the apps. Even with 1/3 the downloads. Even with 2/3 the market share (Android Activated devices VS all iOS devices). Google has a infinitely worse track record (it is a divide by 0 thing).

So answer this, How is Jobs control over his ecosystem not totaliterian? And would you exchange your own personal freedom for a safer city to live in?

Again, don't do the novice mistake and confuse politics and business.
0 Votes
+ -
sydney asian escorts
awarapaktr 2nd Nov
Hi,Reading your posting I love it completely we appreciate you in your effort. I want to declare that it is very good and informative. Thanks.
sydney asian escorts
0 Votes
+ -
RE: Google's Android wears big bulls eye for mobile malware
karmanjn 4th Nov
This is what I have been searching in many websites and I finally found it here. Amazing article. I am so impressed. Could never think of such a thing is possible with it???I think you have a great knowledge especially while dealings with such subjects.
homes for sale Novato
0 Votes
+ -
RE: Google's Android wears big bulls eye for mobile malware
Traxxion 7th Mar 2011
@tonymcs@...

I'm sorry... did you just refer to the Android UI as 'tired'? I think anyone blessed with eyesight will tell you straight that the iPhone interface is far from spectacular. It is probably the least impressive phone UI I have used since Windows CE. Boring gridded icons, most of them blocky in appearance and little animation or dynamic content. Compare that to Windows Phone 7 or Froyo... nuff said...
0 Votes
+ -
RE: Google's Android wears big bulls eye for mobile malware
non-biased 10th Mar 2011
@Traxxion You seem to be unable to grasp a basic concept though, just because you like or dislike something does not mean that everyone feels the same way. Your prefer WP7 or Froyo which is great for you but many prefer others including iOS. To each their own.
0 Votes
+ -
RE: Google's Android wears big bulls eye for mobile malware
Traxxion 23rd May 2011
@non-biased
Well I appreciate that you are living up to your monicker, but try this out for a 'basic concept'. If it was simply 'to each their own' then I wouldn't feel the need to comment in the first place.

However, when you see everywhere supposedly reputable tech bloggers purveying complete rubbish to push their beloved platform such as: There were no touchscreen phones before the iPhone

.... you just kind of feel the need to throw a comment back.

The fact is that if I have to listen to a bunch of technophobe Apple-using wannabes banging their cymbals and reversing the last decade of mobile progress with their stupid iPlodes just because 'its Apple', then I will feel free to point out that no matter which way you spin it, Apple iOS is BORING, DATED and CLOSED. A 4x4 grid of icons arranged into pages. WOW! What a revolutionary idea?! Not even a file manager???? Seriously....
0 Votes
+ -
RE: Google's Android wears big bulls eye for mobile malware
wasedfgt 3rd Nov
Hi,Reading your posting I love it completely we appreciate you in your effort. I want to declare that it is very good and informative. Thanks.
sydney escorts services
0 Votes
+ -
RE: Google's Android wears big bulls eye for mobile malware
majborejfg 4th Nov
Outstanding piece of work you have done. This type of posts is rarely found. This site has proved its metals in the way of giving extra ordinary information.
sydney asian escorts
0 Votes
+ -
RE: Google's Android wears big bulls eye for mobile malware
karmanjn 14th Nov
Excellent and decent post. I have found much informative, what I was exactly searching for. Thanks for such post and please keep it up.
Sleep remedies
0 Votes
+ -
Bandaid it all you want...
jessiethe3rd 6th Mar 2011
The problem in a free-for-all marketplace with no control is protection is ignored... much like the G has don't for indemnificcation and code heisting.
0 Votes
+ -
RE: Google's Android wears big bulls eye for mobile malware
shounehds 2nd Nov
I enjoyed reading the list of recipients for the Horton Awards. Thank you for making them available and acknowledging the contributions that these artists have made to the Southern Caifornia dance scene over the years. It is valuable to have a sense of this history for many reasons.
Bolig i Tyrkia
0 Votes
+ -
RE: Google's Android wears big bulls eye for mobile malware
shounehds 2nd Nov
Working on the give topic is really a difficult task but your this tutorial made it easy for me to handle it without any problem. If anyone seeking information then this blog is the best place for him as it has quality content for your required information. Thanks for sharing.

Eiendom i Tyrkia
0 Votes
+ -
Lessons learned. But need a full explanation.
Dietrich T. Schmitz, ~ Your Linux Advocate 7th Mar 2011
Lessons learned.
Google need to tighten up their vetting process.

If that means developers experience delays in getting their apps approved, so be it.

I am willing to wait provided that Google exercises due diligence in validating source code reaching the market.

There is no other way. Grunt through code review by humans takes time.

P.S.
I've been waiting for a 'complete' explanation for how such malware reached the Market. What has been written thus far by Google does not go into detail as to how the breach on the site (mechanism) was accomplished.

It would be good for all to know 'exactly' what happened.

Join the conversation!

Formatting +
BB Codes - Note: HTML is not supported in forums
  • [b] Bold [/b]
  • [i] Italic [/i]
  • [u] Underline [/u]
  • [s] Strikethrough [/s]
  • [q] "Quote" [/q]
  • [ol][*] 1. Ordered List [/ol]
  • [ul][*] · Unordered List [/ul]
  • [pre] Preformat [/pre]
  • [quote] "Blockquote" [/quote]
ie8 fix

The best of ZDNet, delivered

ZDNet Newsletters

Get the best of ZDNet delivered straight to your inbox

Facebook Activity

Blog Roll

Blog Archive

White Papers, Webcasts, & Resources
ie8 fix