Stolen apps that root Android, steal data and open backdoors available for download from Google Market

TOPICS: Security, Malware

To many of its fans, the openness and freedoms offered by the Android mobile operating system are among its main selling points. But that openness comes with a price - it makes it easy for nefarious types to sneak malware into apps. And that's exactly what they are doing.

Here's an example offered up by Android Police:

Redditor lompolo has stumbled upon a perfect example of that fact; he's noticed that a publisher has taken "... 21 popular free apps from the market, injected root exploits into them and republished." The really scary part? "50k-200k downloads combined in 4 days."

So take some free apps, inject them with malware and re-release them. It's that simple. Then profit! And there's almost no limit to what these apps can get away with:

I asked our resident hacker to take a look at the code himself, and he's verified it does indeed root the user's device via rageagainstthecage or exploid. But that's just the tip of the iceberg: it does more than just yank IMEI and IMSI. There's another APK hidden inside the code, and it steals nearly everything it can: product ID, model, partner (provider?), language, country, and userID. But that's all child's play; the true pièce de résistance is that it has the ability to download more code. In other words, there's no way to know what the app does after it's installed, and the possibilities are nearly endless.

Scary stuff. And remember, unlike the Android malware I blogged about yesterday, this code has been freely available for download from the official Google app market.
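
The analysis quoted above describes two things a defender can look for when triaging a suspect package: a root-exploit binary and a second APK hidden inside the first. The sketch below is an added example, not code from this article or from Android Police; the sample archive and its file names are constructed, and the checks are heuristics rather than a complete detector.

```python
import io
import zipfile
# Exploit names are the two the article mentions; name matching is easy to
# evade by renaming, so the magic-byte checks below carry more weight.
EXPLOIT_NAMES = ("rageagainstthecage", "exploid")
ELF_MAGIC, ZIP_MAGIC = b"\x7fELF", b"PK\x03\x04"

def looks_like_apk(blob):
    """True if blob is a ZIP archive carrying APK members, whatever its name."""
    try:
        with zipfile.ZipFile(io.BytesIO(blob)) as z:
            names = set(z.namelist())
    except zipfile.BadZipFile:
        return False
    return bool(names & {"classes.dex", "AndroidManifest.xml"})

def scan_apk(data):
    """Return (entry, reason) findings for one APK supplied as bytes."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as apk:
        for info in apk.infolist():
            name, lower = info.filename, info.filename.lower()
            blob = apk.read(info)
            if any(x in lower for x in EXPLOIT_NAMES):
                findings.append((name, "known root-exploit name"))
            if blob[:4] == ELF_MAGIC and not lower.startswith("lib/"):
                findings.append((name, "native binary outside lib/"))
            if blob[:4] == ZIP_MAGIC and looks_like_apk(blob):
                findings.append((name, "embedded APK"))
    return findings

def build_sample():
    """Constructed sample (not a real app): benign files plus two planted payloads."""
    def zip_of(members):
        buf = io.BytesIO()
        with zipfile.ZipFile(buf, "w") as z:
            for member, content in members:
                z.writestr(member, content)
        return buf.getvalue()
    app = [("AndroidManifest.xml", b"<manifest/>"), ("classes.dex", b"dex\n035\x00")]
    elf = ELF_MAGIC + b"\x01" * 12
    return zip_of(app + [
        ("lib/armeabi/libgame.so", elf),                         # normal native lib
        ("res/raw/levels.zip", zip_of([("level1.txt", b"x")])),  # harmless archive
        ("assets/data.bin", zip_of(app)),                        # APK under a data name
        ("assets/exploid", elf),                                 # exploit binary
    ])

if __name__ == "__main__":
    print(*scan_apk(build_sample()), sep="\n")
```

The ordinary native library under `lib/` and the harmless nested archive produce no findings; only the disguised inner APK and the stray ELF binary are reported.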

The publisher in question, Myournet, has been removed from the Android Market. Here is a list of affected apps:

  • Falling Down
  • Super Guitar Solo
  • Super History Eraser
  • Photo Editor
  • Super Ringtone Maker
  • Super Sex Positions
  • Hot Sexy Videos
  • Chess
  • ????_Falldown
  • Hilton Sex Sound
  • Screaming Sexy Japanese Girls
  • Falling Ball Dodge
  • Scientific Calculator
  • Dice Roller
  • ????
  • Advanced Currency Converter
  • App Uninstaller
  • ????_PewPew
  • Funny Paint
  • Spider Man
  • ???

Also affected were the following apps by a publisher called Kingmall2010:

  • Bowling Time
  • Advanced Barcode Scanner
  • Supre Bluetooth Transfer
  • Task Killer Pro
  • Music Box
  • Sexy Girls: Japanese
  • Sexy Legs
  • Advanced File Manager
  • Magic Strobe Light
  • ??????
  • ????Panzer Panic
  • ????Mr. Runner
  • ??????
  • Advanced App to SD
  • Super Stopwatch & Timer
  • Advanced Compass Leveler
  • Best password safe
  • ???
  • ????

And these by we20090202:

  • Finger Race
  • Piano
  • Bubble Shoot
  • Advanced Sound Manager
  • Magic Hypnotic Spiral
  • Funny Face
  • Color Blindness Test
  • Tie a Tie
  • Quick Notes
  • Basketball Shot Now
  • Quick Delete Contacts
  • Omok Five in a Row
  • Super Sexy Ringtones
  • ?????
  • ?????
  • ????

There's plenty that Android handset owners can do to stay safe (most of the advice consists of not removing safeguards put in place to protect them), but when it comes to the official download channel, Google needs to be doing more to protect Android users from malware.

If you've got apps from these publishers installed, it's probably a good idea to uninstall them. You also might want to contact your handset maker or phone company for help and advice.


Talkback

83 comments
  • Didn't Our Linux Advocate say this was impossible?

    He specifically said the Google Market Place eliminated this as a potential possibility.

    Yep. Android the Win95 of the industry in all the bad ways.
    Bruizer
    • RE: Stolen apps that root Android, steal data and open backdoors available for download from Google Market

      @Bruizer

      I agree as we had a discussion in the past post. When this stuff appeared on the Android Market then it is a problem. Google needs to put better measures in place to prevent this.

      One thing to make note is that this exploit has already been patched in Android 2.2 (Froyo) which is being run on 60% of devices out there. This should be more motivation to manufacturers (looking at you Samsung) to get updates out for phones sooner rather than later.
      RoboRobp
      • Actually, it is Android 2.2.2.

        @RoboRobp

        And only partially covers this issue. So how many phones are running 2.2.2? The Droid X/Incredible, for example, are 2.2.1 and are fully exposed. My guess is the number is much much smaller than 60% and is closer to 5-10%
        Bruizer
      • The Roid store has always been a festering cesspool of malware.

        @RoboRobp

        It doesn't matter what version of Roid your phone has, since day one there have been a ton of malware apps in the Roid store. Google does zero quality control, and would rather have a higher number of malware and duplicate apps, rather than show how few real apps are available for Roid.

        This is nothing new, 3rd parties have been finding malware apps in the roid store from day one. The wild west without a Sheriff isn't for the average consumer, it's only for the paranoid super geek who loves to tweak. And even if you are that paranoid super geek whose kung fu is strong enough to stay safe, you still don't want to put any real personal info in your Roid... And that makes it absolutely useless as a smartphone. The only real use for Roid is as a tweaker toy.

        And it's only going to get worse. Once it gets bad enough, mainstream media will pick up the story and spin it into an overnight epidemic. And then everyone (average users/ non geeks) will do a mass exodus from Roid and go to anything else they can get a hold of.
        i8thecat
    • RE: Stolen apps that root Android, steal data and open backdoors available for download from Google Market

      @Bruizer Ouch - good memory - but ouch!
      ItsTheBottomLine
  • It's Apple's quality vs Android's quantity

    and it looks like Apple is winning (again)
    iPad-awan
    • RE: Stolen apps that root Android, steal data and open backdoors available for download from Google Market

      @iPad-awan

      Really? Just because you sleep in their bed it doesn't mean they're disease free.
      Rob.sharp
      • RE: Stolen apps that root Android, steal data and open backdoors available for download from Google Market

        @rob.sharp@... I'M ON ANDROID and I'm going back to iOS it's a better experience...
        Hasam1991
      • RE: Stolen apps that root Android, steal data and open backdoors available for download from Google Market

        @Hasam1991
        How many times in a day do you do that, i.e. going back to iOS? :-)
        Ram U
    • RE: Stolen apps that root Android, steal data and open backdoors available for download from Google Market

      @iPad-awan
      You make the worst comparisons ever lol Apple makes the cheapest shoddy pieces of junk out there that barely work. I do repairs and I'd say 80% are broken apple products. The phones and ipods are just fragile garbage that dummies pay too much for. Side by side zune and ipod the zune kills the ipod and the iphone well that's a shiny turd those things have tons and tons of issues so again you argue an overpriced, poorly made, half functioning apple is a good thing.
      Fletchguy
      • RE: ...and the iphone well that's a shiny turd ...

        @Fletchguy

        I bet Apple gets this by the semi:

        http://www.guffsturdpolish.com/default.php
        fatman65535
      • RE: Stolen apps that root Android, steal data and open backdoors available for download from Google Market

        @Fletchguy I do repairs as well and I see a LOT of Zunes, Windows-based PCs, and old WM devices come through my shop as well as some Macs, iPods, and iPhones... the Apple products make up about 10% of my business.

        Actually I just made all of that up - I do not have an electronics repair business. I did that to illustrate a point - that one can claim to be anyone and anything on the internet... I'm not claiming you are lying but I do have some questions... So if my iPhone broke where would I have to go to get you to fix it? Is there a website for your repair business? Is it solely walk-ins or can I have something sent to you?
        athynz
      • RE: Stolen apps that root Android, steal data and open backdoors available for download from Google Market

        @athynz Even if Fletchguy was in the electronics repair business I would question any claims he makes regarding repair states and Apple simply due to his blind hatred for Apple that he consistently shows. By no means am I saying that I don't think Apple products need to be repaired but I wouldn't believe a word he says about it.
        non-biased
  • RE: Stolen apps that root Android, steal data and open backdoors available for download from Google Market

    I will not be getting an android phone after reading this. I mean I already knew linux sucks badly, but after reading about the malware for android I just can't take that chance.
    Loverock Davidson
    • RE: Stolen apps that root Android, steal data and open backdoors available for download from Google Market

      @Loverock Davidson

      Well you would not have bought one BEFORE reading this either, so that is no real loss. However to those of you who are turned off by this (and who can blame you?) keep in mind that Android is the only major smart phone OS out there that allows you (and in fact encourages you) to choose your own market. Amazon is coming out with their own Android market, and you can be sure they are watching Google's mistakes to make sure they do not repeat them because they want to win business. A competitive environment like this will do more for the overall good of the customer than any closed environment can hope to accomplish.
      Michael Kelly
      • RE: Stolen apps that root Android, steal data and open backdoors available for download from Google Market

        Mom will not let Lovey buy a phone.
        choyongpil
      • RE: Stolen apps that root Android, steal data and open backdoors available for download from Google Market

        @Michael Kelly
        Will Amazon do quality control over the apps in their market?
        Loverock Davidson
      • RE: Stolen apps that root Android, steal data and open backdoors available for download from Google Market

        @Loverock Davidson

        If they do not, they will not succeed in the long run. Just as Google will not succeed in the long run if they allow this to continue. However where there is demand there are willing suppliers, and if Google and Amazon fail at their jobs, someone else will succeed and make a ton of money as a result.
        Michael Kelly
      • RE: Stolen apps that root Android, steal data and open backdoors available for download from Google Market

        @Michael Kelly
        Actually Palm and WinMobile have so many app stores like Handango, Pocket Gear, etc. even before App Store, Android Market were not even in inception phase. The quality of apps was never compromised there. I see laziness from QA of Google Market and that's why we are hearing more and more stories like this. Yes, I know you can buy apps for Android from 3rd parties too.
        Ram U
      • RE: Stolen apps that root Android, steal data and open backdoors available for download from Google Market

        @Michael Kelly Funny how the talking points regarding Android app availability change depending on the current topic. If talking about iOS devices Android is great because you can choose where you want to get your apps from. When talking about malware coming from alternative Android app markets all of a sudden it's your fault if you choose to get apps from anywhere but the official Google Marketplace. Now that we are talking about malware coming directly from the Marketplace it's Android is great because you can choose where you get your apps and Amazon will probably be coming out with their own store which will be safe. Love it or hate it, I think I will stick with my iPhone and App Store.
        non-biased