Google Pulls 21 Apps In Android Malware Scare

This is a discussion on Google Pulls 21 Apps In Android Malware Scare within the LG Ally Apps forums, part of the LG Ally category; All previous trojans and malware have been from other countries and not apps available in the Market. Things have changed. This is the 3rd article ...

Results 1 to 6 of 6

Thread: Google Pulls 21 Apps In Android Malware Scare

  1. #1
    Android Junkie allyAndroid's Avatar
    Join Date
    Jun 2010
    Location
    Ohio
    Posts
    1,413
    All previous trojans and malware have been from other countries and not apps available in the Market. Things have changed. This is the 3rd article this week.



    http://mashable.com/2011/03/01/android-malware-apps/
    Motorola Droid 4

  2. Android.net is the premier Android Forum. Registered users do not see these ads. .

  3. #2
    Android Lurker corndancer_lgally's Avatar
    Join Date
    Dec 2010
    Posts
    4
    Updated article now claims 50 apps



    http://www.computerworld.com/s/artic...?taxonomyId=85

  4. #3
    Android Junkie allyAndroid's Avatar
    Join Date
    Jun 2010
    Location
    Ohio
    Posts
    1,413
    Here is a list of the 51 apps: http://blog.mylookout.com/2011/03/se...et-droiddream/



    These are from 3 different developers: Myournet, KingMall2010, and we20090202.



    Some have very common app names: Piano, Task Killer Pro, Advanced File Manager, Bubble Shoot, Quick Notes, etc.



    As always, pay attention to what permissions an app asks for before installing it. If you download a game that wants permission to read your contacts, send messages, etc. It is probably a good idea to not install it. Also pay attention when an installed up updates, some apps can be installed and be legit but an update or two later the malicious code is added.
    Motorola Droid 4

  5. #4
    Android Lurker Barneys's Avatar
    Join Date
    Jan 2011
    Posts
    7
    Quote Originally Posted by Ally Android View Post
    Here is a list of the 51 apps: http://blog.mylookou...ket-droiddream/



    These are from 3 different developers: Myournet, KingMall2010, and we20090202.



    Some have very common app names: Piano, Task Killer Pro, Advanced File Manager, Bubble Shoot, Quick Notes, etc.



    As always, pay attention to what permissions an app asks for before installing it. If you download a game that wants permission to read your contacts, send messages, etc. It is probably a good idea to not install it. Also pay attention when an installed up updates, some apps can be installed and be legit but an update or two later the malicious code is added.


    How do you know/check that malicious code has been added or not after an update?

    Barney

  6. #5
    Android Junkie allyAndroid's Avatar
    Join Date
    Jun 2010
    Location
    Ohio
    Posts
    1,413
    There is no 100% way that you can know if an app has bad code in it. But the following will help to limit the possibility.



    You would need to make sure that auto update is unchecked, in the market, for each app that you have downloaded. Also, don't use the Update All option. Manually update each app and read the permissions of the app to make sure they haven't changed.
    Motorola Droid 4

  7. #6
    Android Jr Member vortmax's Avatar
    Join Date
    Nov 2010
    Posts
    32
    Quote Originally Posted by Barneys View Post
    How do you know/check that malicious code has been added or not after an update?

    Barney


    As I understand it, the malicious user is pirating code, inserting the malware and republishing it under his own name. So if you install the original, unmodified code from the real developer, the only updates you receive are those that are published by the original developer...hence uncontaminated code. The only way malware would wind up in an update is if someone gains access the the developer's account and publishes an update under his name, or if the developer decides to add the malware into his existing project. The second possibility seems more likely than the first, but as mentioned checking the permissions before installing *should* stop most of this.



    Personally I'm more worried about someone sneaking in a udev or setuid exploit into an app. That would allow the app to gain a root shell and do whatever it wanted to without any actual permissions. Android needs apparmor.

Remove Ads

http://www.scramblerducati.org/

Sponsored Links

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Search tags for this page

android app malware list

,

google app lg ally

,

google pulls 21 apps android malware scare

,

how to know if a app is malisous

,

malicious droid app

Click on a term to search our sites for related topics.
Android Forum