Google's Android wears big bullseye for mobile malware

Google's Android wears big bullseye for mobile malware

Summary: Google has responded to an Android market malware scare by removing the applications remotely. But Google's incident with malware is only likely to be the beginning as future attacks are certain.

SHARE:

Google has responded to an Android market malware scare by removing the applications remotely. But Google's incident with malware is only likely to be the beginning as future attacks are certain.

In a blog post, Google's mobile team noted that it discovered a bunch of malware published on the Android Market. "Within minutes of becoming aware" Google removed the apps. These applications took advantage of vulnerabilities that don't affect Android 2.2.2 or higher. The attackers got device specific codes and could have poached data. Google added that it will reverse the damage done remotely too.

Google said it is "adding a number of measures to help prevent additional malicious applications using similar exploits from being distributed through Android Market." In other words, Google's game of malware Whac-A-Mole has just started. Kaspersky's Roel Schouwenberg said on Zero Day:

Up until now Android malware had only been found in third party marketplaces and web sites. Now, the malicious apps are living in Google’s own garden. This is particularly important because there are quite a few service providers who don’t allow their customers to install non-marketplace applications. In addition, people seem to inherently trust applications that reside in a central repository.

Add it up and Android may wind up having its Microsoft moment when it comes to security. Microsoft was lax, targeted because it had the market share and then became greatly improved with regular patch updates. Overall, I'd rate Microsoft as very good when it comes to security. After years of being pummeled Microsoft got its act together. Microsoft isn't perfect, but has improved dramatically.

Also: Google kind of, sort of, addresses Android Malware

Now Google's journey is beginning. This recent Android security issue is likely to be just the start. Now it's possible this Google attack is just a one-off, but that's unlikely. The stakes are too high.

Meanwhile, all the ingredients are there for an ongoing Android security issue. To wit:

  1. The Android Market is a free for all. A publisher pushed malware armed apps public without any issues. Why? There are no approval processes. Malware authors would have had a tougher time elsewhere.
  2. Android is the top mobile OS in market share and growing. Malware and market share go together nicely. Hackers need incentives and a big market to target is all they need.
  3. Google is untested. Sure, Google is good on security elsewhere, but mobile is a new game. With one successful malware attack complete, rest assured others will follow. How will Google prevent these items from hitting the Android Market?

Simply put, Google is quite the honey pot for attackers. Game on.

Topics: Malware, Android, Google, Mobility, Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

68 comments
Log in or register to join the discussion
  • RE: Google's Android wears big bulls eye for mobile malware

    Two words: Up Dates

    Or lack thereof.
    Delvardo
    • RE: Google's Android wears big bulls eye for mobile malware

      @Delvardo yep, with the exception of phones that don't run it well.
      slickjim
    • av-software

      @Delvardo <br>agreed.

      and android settlers, get ready for your annual anti-virus software subscription.
      banned from zdnet
    • RE: Google's Android wears big bulls eye for mobile malware

      @Delvardo hey :)
      www.awwgame.com
      lariosshow
      • RE: Amazon's third quarter fails to impress

        Now Google???s journey is beginning. This recent Android security issue is likely to be just the start. Now it???s possible this Google attack is just a one-off, but that???s unlikely. The stakes are too high. http://france-pharma.com | http://bluepillsau.com | http://edproblemsolver.com Meanwhile, all the ingredients are there for an ongoing Android security issue.
        drumandyou
  • RE: Google's Android wears big bulls eye for mobile malware

    It is a big mess already. Only thing has to do in order to save its users from malware, work with OEMs, carriers and make sure any device that is running with Eclair and up is upgraded to Gingerbread or higher. This way all the users would be happy while they are fixing market. Otherwise, it will be the same. I think sometime last year they had to let few apps go because of malware and piracy practices after those apps were approved and sold for some period, why can't they have tighter control on app approval like Apple and Microsoft.
    Ram U
    • RE: Google's Android wears big bulls eye for mobile malware

      @Rama.NET
      To be honest, I'd rather have an open platform and take the risk than work with a closed platform. Windows Mobile was a completely open platform. I would love to adopt Windows Phone 7, but because it is closed I am not interested and Android is pretty much my only option now.

      I'd rather manage my own applications thanks!
      12312332123
      • RE: Google's Android wears big bulls eye for mobile malware

        @Traxxion But even with Android you are NOT fully in control. Google has the right to remotely kill any app you have on your device. So in essence THEY also manage your apps. how is this any different from the WP7 and iOS platforms?
        athynz
      • RE: Google's Android wears big bulls eye for mobile malware

        @athynz
        Very true, and it is annoying, but Android is at least a more open platform than WP7 and iOS. Plus, it is pretty much the only option left since MS and developers are working to kill off WM.

        Personally, for now I have elected to buy a WM6.5 with 1GHz snapdragon. I have always preferred Windows Mobile and at least this time around I can still have it without sacrificing performance! :)

        However, the outlook for the future of mobile is bleak... very bleak....
        12312332123
      • RE: Google's Android wears big bulls eye for mobile malware

        You deserve the best and I know this will just add to your very proud accomplishments in your already beautiful and deserving blessed life. I wish you all the best and again. Thanks a lot..
        <a rel="dofollow" href="http://petfoodguides.net/">PetFoodGuides.net</a>
        set.dcds@...
      • RE: Google's Android wears big bulls eye for mobile malware

        Well written ! i have to admit that it's very informative article. This really is another really very amazing and interesting publish. You've provided the publish that's proportional to the interest. Thank you for this publish.
        <a rel="dofollow"href="http://www.creditcardprocessing101.com/credit-card-processing/">credit card processing</a>
        betabrdr
    • RE: Google's Android wears big bulls eye for mobile malware

      You deserve the best and I know this will just add to your very proud accomplishments in your already beautiful and deserving blessed life. I wish you all the best and again. Thanks a lot..<a rel="dofollow"href="http://www.lussotime.com/collections/breitling">Breitling Watches</a>
      karmanjn
  • This attack was a 5 or 6 off.

    Why do tech bloggers keep thinking this is the first instance of malware in the Android Market. Over the 15 months or so, it is averaging about every 3 months.<br><br>Given Google has activated 65,000,000 million Android phones (as of MWC) and Apple has delivered 100,000,000 million iPhones (as of iPad event) to consumers, it is surprising malware is targeting the lower available market share.

    [edit] <i>It was 67,000,000 units activated for 2010 and 5,000,000 units activated for 2011. If you add in the 2011 totals, Android is at 91,000,000 units activated at the time iPhones had 100,000,000 units delivered. Basically both iOS and Android are kicking butt.</i>
    Bruizer
    • RE: Google's Android wears big bulls eye for mobile malware

      @Bruizer could you show some evidence for once? Also, Android is #1 and that pisses you off huh? =D
      slickjim
      • I am going off of Google's and Apple's numbers.

        @Peter Perry

        Not market research numbers that count incompatible branches like Tapas and OMS as part of the Android eco-system. It does not bother you in the slightest that market analysts differ by over 100% when compared to Google's numbers? Are you a little lemming unable to think for your self?

        I will give you one. Do this: Google "fake bank apps in android marketplace". That is an easy one. If you are brave, go find the other 4 instances of malware getting the old remote kill switch.

        Are you brave enough in your convictions? I doubt it. My guess is your hatred of all things Apple will drive to keep your head buried deep in the sand.
        Bruizer
      • RE: Google's Android wears big bulls eye for mobile malware

        @Bruizer I have no issues with challenging my convictions but if you're so convinced this is a life threatening issue then why beat around the bush, come on, show us all these exploits.<br><br>As for the bank situation, my bank has the app right on their website so I just get it from them... something not possible with iOS.<br><br> Oh and Google has more unique activations which is why it is number one because you're not going to use an iPhone 3GS and iPhone 4 at the same time.
        slickjim
      • RE: Google's Android wears big bulls eye for mobile malware

        @Peter Perry Here's a few links I found...

        http://arstechnica.com/gadgets/news/2011/03/google-using-remote-kill-switch-to-swat-android-malware-apps.ars

        The most recent attack.

        http://www.wired.com/gadgetlab/2010/06/google-flips-remote-kill-switch-on-android-apps/

        June 25th 2010... Two instances so far. This is googling "Google Remote Kill Switch" Let me try another search.

        http://www.zdnet.com/blog/google/android-malware-in-the-wild/2724

        This one is dated December 29th 2010... Three of them now.

        http://www.computerworld.com/s/article/9180561/New_Android_malware_texts_premium_rate_numbers

        Here's one from August 11th 2010...

        Do I really need to keep going? Face facts Peter Perry Android is flawed. It is NOT the perfect be all, end all mobile OS you like to claim it to be. It is just as vulnerable - if not more so - to malware as any other mobile OS. Why is this so hard for you to acknowledge?
        athynz
      • You have serious issues with your convictions.

        @Peter Perry

        <i>I have no issues with challenging my convictions but if you're so convinced this is a life threatening issue then why beat around the bush, come on, show us all these exploits.</i>

        I gave you one and challenged you to open your mind and actually find the others. That you are unwilling to do that indicates you are afraid of what you might actually find. In short, your convictions are weak. BTW: Where did I say this was life threatening?

        Do you really think side-loading is the solution to all of this? Do you really think that best serves the user base? I don't.
        Bruizer
      • RE: Google's Android wears big bulls eye for mobile malware

        @Peter Perry
        Just curious, but what bank has an Android App and not an IPhone App?
        rfoto
      • @ rfoto

        Peter Perry was referring to having to side-load his Bank's mobile app instead of it being on the Market Place.

        iOS has all its bank apps (like Chase or Wells Fargo) on the AppStore.

        Because of this, it negates Android's previous malware of phishing apps disguised as legitimate bank apps.
        Bruizer