We recently discovered applications on Android Market that were designed to harm devices. These malicious applications (“malware”) have been removed from Android Market, and the corresponding developer accounts have been closed.
According to our records, you have downloaded one or more of these applications. This malware was designed to allow an unauthorized third-party to access your device without your knowledge. As far as we can determine, the only information obtained was device-specific (IMEI/IMSI, unique codes which are used to identify mobile devices, and the version of Android running on your device).
However, this malware could leave your device and personal information at risk, so we are pushing an Android Market security update to your device to remove this malware. Over the next few hours, you will receive a notification on your device that says “Android Market Security Tool March 2011” has been installed. You are not required to take any action from there, the update will automatically run. You may also receive notification(s) on your device that an application has been removed. Within 24 hours of receiving the update, you will receive a second email confirming its success.
To ensure this update is run quickly, please make sure that your device is turned on and has a strong network connection.
For more details, please visit the Android Market Help Center.
The Android Market Team
We are adding a number of measures to help prevent additional malicious applications using similar exploits from being distributed through Android Market and are working with our partners to provide the fix for the underlying security issues.
quote: I have an HTC EVO and it requires my permission to install updates.quote:No malware like the Android crap has appeared on iOS (except for jailbreakers)I doubt that.Lack of proof is not proof in and of itself that something doesn't exist.Apple's screen eliminates *obvious* malware, but more subtle malware using string obfuscation, no internal APIs, no core system calls, and remote post-mortem activation would pass through scott-free. See white papers from recent Black Hat conventions, Tony.The thing is, Apple eliminates dumb malware. The smart ones you'd never hear about.quote:Systems that check for malware in advance of distribution are never perfect but are always safer than systems that don't check for malware in advance of distribution.Google checks its apps pre-approval, just not to the extent Apple tests them. It's misleading to suggest it doesn't screen, though, if that's what you're trying to say.