There’s A Malware App For That

 At least 50,000 unlucky Android smartphone users were the recipients of a nasty surprise -- malware -- after downloading one of 21 popular free titles from the Android Market.

Once Google was informed of the issue, the apps were quickly pulled from the market and remotely deleted from users phones.

But as businesses continue to look at how to secure computing endpoints, including mobile phones, this is definitely a cautionary tale that smartphones, and all the assorted information users keep, are easily in reach of criminals.

Some of the titles, with innocuous names like Super Guitar Solo, were modified by taking a normal, non-tainted Android app, injecting the malware code and republishing on the Android Market with a slightly modified app name.

Once a user downloaded one of the titles, using the exploit rageagainstthecage, the phone is rooted and the users IMEI and IMSI along with other device data (like the carrier) was transmitted to the hackers. But even scarier is the possibility that the program could download even more malware to the compromised smartphone.

While Google touts the Android Market for its openness and ability for a publisher to instantly upload a program, the code of all programs on Apple’s App Store must be thoroughly examined and vetted to catch a wide range issues like malware.

And that’s not to say that iOS is completely secure, but the process for criminals to crack an iPad or iPhone at least takes a little more savvy than to publish a “Trojan horse” app for unsuspecting users to download. 

While Android phones continue to sell almost as fast as iPhones, and with companies like Motorola and Samsung making a push into the tablet space to compete against the iPad, will an issue like this make you think twice before downloading an Android, or any other smartphone, app?

Posted by Brent Dirks on Mar 02, 2011

  • Securing Entertainment Venues Securing Entertainment Venues

    One thing entertainment venues, sports stadiums and theme park officials want to accomplish is getting people back into their seats. That is happening today—but not without understanding and technology. In this episode, AJ DeRosa shares his insight on how COVID-impacted businesses are able to face safety and security issues with confidence and technology. We also discuss visitor expectations and how venue officials can ensure their space is secure as they welcome visitors back.

Digital Edition

  • Environmental Protection
  • Occupational Health & Safety
  • Infrastructure Solutions Group
  • Spaces4Learning
  • Campus Security & Life Safety