MacDailyNews Take: Oopsey.
The Beeb continues, “The virus-laden apps were discovered by a Reddit user called Lompolo who realised that one program was listed under the name of a publisher he knew had not written it… Lompolo initially found 21 apps bearing the viral code but, according to an investigation by mobile security site Android Police, the final tally is believed to involve more than 50. The apps are also known to be available on unofficial Android stores too.”
MacDailyNews Take: Marketplace fragmentation makes tracking down malware a fruitless exercise. Android settlers are “open,” alright. Open targets.
The Beeb continues, “Once a booby-trapped application is installed and run, the virus lurking within, known as DroidDream, sends sensitive data, such as a phone’s unique ID number, to a remote server. It also checks to see if a phone has already been infected and, if not, uses known exploits to bypass security controls and give its creator access to the handset. This bestows the ability to install any code on a phone or steal any information from it.”
MacDailyNews Take: Windows redux. Don’t settle for pale imitations. Get the real thing.
The Beeb continues, “[Google] has the option to use a security tool that can recall and uninstall rogue applications from phones. It is not thought to have yet done this as its investigation continues. Google has yet to issue a formal statement about the rogue applications while it completes the investigation. Writing on the Trend Micro security blog, Rik Ferguson, pointed out that remote removal of the booby-trapped apps may not solve all the security problems they pose. ‘…this remote kill switch will not remove any other code that may have been dropped onto the device as a result of the initial infection,’ he wrote.
Read more in the full article here.
MacDailyNews Take: So, Android settlers, how’s that openy, derangey thing workin’ out for ya?
[Thanks to MacDailyNews readers too numerous to mention individually for the heads up.]