Google removes more malware from Android Market

Google removes more malware from Android Market

The tally of malware apps that Google has removed from the Android Market now stands at more than 50. All of the offending apps contained a trojan horse with the potential infect unsuspecting users' phones and steal their data. In addition to the 21 apps from "developer" Myournet, Google also nixed apps from vendors Kingmall2010 and we20090202 that were using the same trojan.
While Android malware has cropped up from time to time in third-party app markets not managed by Google, this marks the first time so much malware has made it into the official Android Market. Google confirmed it had removed a number of apps from the Market that were in violation of its policies and is expected to issue a statement on the matter soon.
"In some ways we were expecting this," says Tom Parsons, senior manager with Symantec Security Response, which posted a warning about the threatening apps. "When it was going to happen, we just weren't sure of. Android's market share is shooting up, so long-term you'd have to imagine long-term, that malware authours will continue to focus on the Android operating system."
The trojan, known as DroidDream, has the ability to infect Android device and send the phone's data back to the hacker, says an analysis by mobile security company Lookout. It can also silently install other applications, which opens up a wealth of dangerous possibilities. Lookout says hiding malware in ostensibly legitimate software is a "growing trend."
"The malware itself is powerful," says Symantec's Parsons. "It provides root access to the device itself. Once you're talking about root access, they say that the phone is 'owned.' There is the ability [for malicious software] to take screenshots, so if you're typing in a username, that could be exposed."

Lookout says DroidDream uses known exploits to infect devices, and that Google has patched those vulnerabilities in the most recent version of Android, 2.3 or "Gingerbread." Unfortunately, very few phones have been updated to Gingerbread, so most Android devices are susceptible to the trojan.
Short of installing Gingerbread, companies like Lookout and Symantec offer paid apps that are made to protect your phone from malware, just like their PC counterparts. Lookout has said it has already provided an over-the-air update to users of its app that will guard against DroidDream.
"Security companies started creating mobile anti-malware applications years ago, before there was any appreciable threat," says Neil Rubenking, PCMag's senior security analyst. "At first thought that might seem pointless. Now, though, when the number of malware threats is growing they have a solution in place. That's good planning."