Rogue apps sneak into Android Market


Over 50 malicious apps found their way onto the Android Market, but have now been removed, according to reports.

Reddit contributor Lompolo was first to notice the issue, when he found 21 legitimate Android apps had been repackaged with an exploit known as "rageagainstthecage", designed to gain root access to users' devices.

A report from Android Police indicated that between 50,000 and 200,000 copies of the malicious apps could have been downloaded before Google pulled the plug.

The apps were able to steal device details such as IMEI numbers and could even download more code and install extra malware designed to take even more data from users.

Various apps released under the developer names "Kingmall2010", "we20090202" and "Myournet" were affected. In a follow-up blog post, Android Police claims that the exploits used no longer work under Android 2.3. If true, this incident highlights one of the disadvantages of the delays Android users often face in getting the latest operating system updates.

Google has removed the apps and banned the rogue developer it believes to be responsible from Android Market, reports indicated. The tech giant has also ensured the apps were remotely removed from the affected handsets.

However, Rik Ferguson, senior security advisor at Trend Micro, said just taking the apps offline may not help those who downloaded the infected apps.

"Of course this remote kill switch will not remove any other code that may have been dropped onto the device as a result of the initial infection," Ferguson said in a blog.

"So if you are one of the estimated 50,000 people who have downloaded these malicious apps it could be worth your while investigating the possibility of getting a replacement handset or reinstalling the operating system on the one you have if possible."

At the time of publication, Google had not responded to a request for comment on the situation.

There have been plenty of concerns over the security of the Android Marketplace, but before this there had not been any major issues.

Instead, most threats had been seen passing through third-party app stores.

As Android becomes more popular, however, the marketplace will become more of a target for cyber criminals.

Philip Dall, mobile security expert with internet security company BullGuard, said users should check where an app has come from in the first place.

"First and foremost, you should think twice before you download applications by finding out who uploaded it, check which rights and actions the app wishes to make use of, and consider whether this sounds right or not," Dall said.

"Secondly, you should install security software on your phone."

IT PRO recently warned about the potential security time bomb facing the plethora of app stores now open to consumers and businesses alike.

Tom Brewster
