backtop


Print 47 comment(s) - last by YashBudini.. on Mar 10 at 2:40 PM

Company will release special removal tool for affected users, is remotely killing apps

Google is reacting quickly to what is perhaps the largest mass infection of users of its Android OS, yet. Rather than keep quiet, Google quickly pulled the 58 malicious apps, which were repackaged versions of legitimate apps (containing extra malicious APKs designed to grab personal information, obtain root access, and install code remotely).

Now it's take even more strident measures to combat the attack, personally reaching out to affected users.  Google began executing its remote kill functionality on the malicious apps Saturday.

It also pushed out an update to affected users phones, which will remove the installed rootkit.  Google sent the following email [source] to the estimated 260,000 Android users:

Hello,

We recently discovered applications on Android Market that were designed to harm devices. These malicious applications (“malware”) have been removed from Android Market, and the corresponding developer accounts have been closed.

According to our records, you have downloaded one or more of these applications. This malware was designed to allow an unauthorized third-party to access your device without your knowledge. As far as we can determine, the only information obtained was device-specific (IMEI/IMSI, unique codes which are used to identify mobile devices, and the version of Android running on your device).

However, this malware could leave your device and personal information at risk, so we are pushing an Android Market security update to your device to remove this malware. Over the next few hours, you will receive a notification on your device that says “Android Market Security Tool March 2011” has been installed. You are not required to take any action from there, the update will automatically run. You may also receive notification(s) on your device that an application has been removed. Within 24 hours of receiving the update, you will receive a second email confirming its success.

To ensure this update is run quickly, please make sure that your device is turned on and has a strong network connection.

For more details, please visit the Android Market Help Center.

Regards,
The Android Market Team


The flaw that allowed the malware to gain root access without asking for permissions was actually fixed by Google with firmware update Android 2.2.1.  Unfortunately carriers have been extremely sluggish at rolling out updates for Android users, and this is the end result.

Google has repackaged the fix as an individual patch and given it to carriers and handset makers.  But it's up to carriers and their hardware partners to push it down to phone customers as the patch will have to be adjusted to individual hardware configurations.  

In other words Google's keeping busy killing the burglars in the house, but back door is still wide open.  At least it's doing something, though, and giving its customers the decency of communication.

Google is also taking steps to make sure similar malware doesn't reappear in the Android Marketplace.  While the company is vague on specifics, it writes:

We are adding a number of measures to help prevent additional malicious applications using similar exploits from being distributed through Android Market and are working with our partners to provide the fix for the underlying security issues.

According to professional hackers and security researchers, most phones and applications markets have the potential to be infiltrated by malware.  

For example, at Nicolas Seriot, a Swiss iPhone expert, has demoed [white paper] at the annual Black Hat conference an app called "SpyPhone", which showed off how easy it would be to sneak malware into the App Store.  It is unknown if this is being actively done, but Mr. Seriot's whitepaper offered obfuscation code that disguised disallowed strings, offering hackers a clear path to getting their malware into the App Store (the only other necessary steps would be a delayed activation of the malicious activity, and avoidance of using private APIs).


Comments     Threshold


This article is over a month old, voting and posting comments is disabled

RE: Googles done decently
By trooper11 on 3/7/2011 11:14:27 AM , Rating: 2
I would like to know what those carrier agreements are. This isnt the first example of carriers standing in the way of updates. Microsoft is dealing with the same problem trying to roll out thier first updates, so its not just an android thing.

Im not saying the carriers might not have a good reason for delaying updates, but it would be nice if the process was more transparent so that there wouldnt be the normal blame game that goes around.


RE: Googles done decently
By omnicronx on 3/7/2011 11:47:18 AM , Rating: 1
Rolling out updates is never easy, but other companies have made things easier on themselves. The very thing that makes Android so successful is also its most hindering, its ability to customize.

Apple, well as draconian as they may be, they have the update process down. Obviously having a single device makes it much easier on them, but from an update standpoint, they are one of the best.

Windows Phone, OEM approach like Android, but with some pretty big differences. No ability to customize the UI, which is a big one as this is often a big part of the delay. Standardized hardware, internal and external, once again, closer devices are, the easier it is to release updates. I'm also pretty sure that MS is actually only using one SOC variant on all of their phones as it currently stands.I'm also pretty sure that unlike Android, the carriers are only allowed to skip one update.

Palm, Well as low as their share and popularity is, their update process was actually a bright spot. Closed platform and only two phones, so this is kind of expected.

Android, great in theory, but a phone can differ so much from carrier to carrier, and the vast amount of phones available with no mandate to update their devices was just a bad idea in the first place. The only saving grace is the Nexus One, which is basically vanilla Android is a true display of how Android should be. Unless Google can somehow figure out a way to streamline the update process while still allowing such an ability to customize, then perhaps they need to go a different route (which apparently they may be already).

Perhaps by moving the responsibility of customizing the device to the user like it should be.


RE: Googles done decently
By Kurz on 3/7/2011 12:12:35 PM , Rating: 2
You would think since Android is based on Linux that the UI/software packages should have its own mem space and the guts of the OS should be able to update seperately while not messing up what the manufactures do to the phone.


"I want people to see my movies in the best formats possible. For [Paramount] to deny people who have Blu-ray sucks!" -- Movie Director Michael Bay

Related Articles













botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki