Google was just faced with one of the bad sides of being as open as it is with its Android platform. Apparently some 58 malicious apps have infiltrated the Android Market and have managed to register 260 000 downloads before the security team axed them.
The nasty apps were uploading information about the hardware of the devices plus the Android version it was using without the user’s content. What’s worse, they were creating backdoors so more sensitive data could be downloaded in the future.
That’s why Google devs stepped in and remotely wiped the apps from the affected handsets and closed the exploits. Users of the affected handsets should receive an email soon that contains the report of the actions taken to nullify the threat.
The exploits existed only in older versons of the OS (prior to ver. 2.2.2). That’s why Google has also released a security patch through the Market to prevent similar apps from reusing those holes in the future.
Now we really hope Google learns its lesson and starts checking the apps in the Market more carefully. No one got hurt this time, but it would be in everyone’s best interest if there is no next time.
The nasty apps were uploading information about the hardware of the devices plus the Android version it was using without the user’s content. What’s worse, they were creating backdoors so more sensitive data could be downloaded in the future.
That’s why Google devs stepped in and remotely wiped the apps from the affected handsets and closed the exploits. Users of the affected handsets should receive an email soon that contains the report of the actions taken to nullify the threat.
The exploits existed only in older versons of the OS (prior to ver. 2.2.2). That’s why Google has also released a security patch through the Market to prevent similar apps from reusing those holes in the future.
Now we really hope Google learns its lesson and starts checking the apps in the Market more carefully. No one got hurt this time, but it would be in everyone’s best interest if there is no next time.
No comments:
Post a Comment