Slashdot Mirror
Google Pulls 21 Malware Apps From Android Market
Hugh Pickens writes writes "CNN reports that Google has pulled 21 free apps from the Android Market that, according to the company, are aimed at gaining root access to the user's device, gathering a wide range of available data, and downloading more code without the user's knowledge. Unfortunately although Google has moved swiftly to remove the apps, they have already been downloaded by at least 50,000 Android users. The apps are all pirated versions of popular games and utilities which once downloaded, root the user's device using a method like rageagainstthecage, then use an Android executable file (APK) to nab user and device data, such as your mobile provider and user ID, and finally act as a wide-open backdoor for your device to quietly download more malicious code. 'If you've downloaded one of these apps, it might be best to take your device to your carrier and exchange it for a new one, since you can't be sure that your device and user information is truly secure,' writes Jolie O'Dell. 'Considering how much we do on our phones — shopping and mobile banking included — it's better to take precautions.'"
Question: Why is it taking 3+ hours to do a simple wipe and reinstall? You just wipe the machine, put in a pre built OS install CD/DVD with all the patches already done, put in the key on first boot, install the apps from the local server or via flash drive, done. Maybe an hour and a half tops.
Using a combination of WSUS Offline (which you can tell to include MS Office updates along with MS Essentials AV) and Ninite I can whip off a dozen boxes or more a day easy and spend less time per box than I do trying to figure where I sat my Coke down. Just a little preparation goes a long way friend.
As for TFA, welcome to the game Android users! Anything that becomes popular WILL become a target for malware as long as they can use social engineering, because it is just so damned easy to do as in TFA. I mean 50k infections and they didn't even have to write the app, just attach their malware to an existing app and upload? How easy can you get!
So welcome to the game Android users, where you have to watch out and worry about malware just like us Windows users. The donuts are over in the back, right next to the Apple users who are currently sulking after finding out shiny plastic and aluminum doesn't stop bugs. Look on the bright side, it just means you're popular now! Hell the Linux guys would kill to be that popular on the desktop! So enjoy the coffee it's fresh, meetings are on Tuesdays and Thursdays.
Um, you leave us Apple users out of this. This was ANDROID. A-N-D-R-O-I-D, not APPLE, A-P-P-L-E.
Oh, and note that, just like that OTHER malware-infested platform (Windows), the ONLY way forward seems to be either to throw perfectly good hardware away (think of the planet!); OR to "Wipe and Reload" (It so SIMPLE! It's Easy! It's FUN!).
And, just like with Windows, the Androids will be out in force, blaming the USERS for taking advantage of the ONLY "advantage" to Android: The ability to download any dodgy app you want.
But notice, the apps weren't on some dark, dank dark alley of the internet; they were on GOOGLE's OWN APP STORE! The MOTHERSHIP.
No, this is more like we'll be seeing Google announcing their new "Curated" App Store in 3... 2... 1...