Slashdot Mirror

← Back to Stories (view on slashdot.org)

Google Finally Uses Remote Kill Switch On Malware

Posted by timothy on from the you're-going-to-feel-a-little-zapping dept.

Hugh Pickens writes writes "The Google Mobile Team has announced that in addition to removing the 21 malicious applications from Android Market that were downloaded 50,000 times, suspending the associated developer accounts, and contacting law enforcement about the attacks, they are remotely removing the malicious applications from affected devices. 'We are pushing an Android Market security update to all affected devices that undoes the exploits to prevent the attacker(s) from accessing any more information from affected devices,' wrote the team on their blog. 'For affected devices, we believe that the only information the attacker(s) were able to gather was device-specific (IMEI/IMSI, unique codes which are used to identify mobile devices, and the version of Android running on your device).' Google's actions come after numerous complaints in tech publications. "Does Google really want its Android Market to gain the reputation of being a cesspool of malware? 'Certainly not,' wrote Nicholas Deleon in TechCrunch. 'But then part of the allure of the Android Market is that it's open; you don't have to play by Google's rules, per se, to get on there like you do with Apple's App Store.'"

6 of 177 comments (clear)

  1. GJ GOOGLE by Soilworker · · Score: 3, Informative

    Good job again google. That's why you're on top.

  2. 260,000 infected Android devices by Anonymous Coward · · Score: 5, Informative

    Correction: The malware was downloaded 260,000 times, not 50,000 as initially reported. source

    1. Re:260,000 infected Android devices by HLJ76 · · Score: 4, Informative

      Also the summary notes only device information was potentially stolen, but fails to note that the malware was able to download more code that could do just about anything with the device. Can the market patch remove that code from the device, or will it only remove the downloaded apps leaving all post-downloaded code there to do whatever it wants to do?

  3. Openness and Archos by tepples · · Score: 5, Informative
    Quoth Nicholas Deleon in TechCrunch:

    But then part of the allure of the Android Market is that it's open; you don't have to play by Google's rules, per se, to get on there like you do with Apple's App Store.

    This might be true with respect to application developers but not hardware manufacturers such as Archos. To remain cost-competitive with iPod touch, Archos devices are missing various input and output components not needed in a portable media player, such as a cellular radio, compass, and GPS. However, because certain versions of Google's Android Compatibility Definition Document (CDD) list these components as requirements, Archos hasn't been able to include the Android Market application with the devices. To access the Market (and not the AppsLib that has a far smaller selection), one needs hacks that Google could cease-and-desist, just like it cease-and-desisted CyanogenMod for including Google applications.

    1. Re:Openness and Archos by teh31337one · · Score: 3, Informative

      Oh come on. The google apps are their own proprietary apps, and manufacturers pay to have them - that's why CM couldn't include them. Market place is controlled by Google, and they can remove malicious applications if needed. Device manufacturers have to meet the minimum spec to have market access.

  4. Re:Android is safer than iPhone.. by Ender_Wiggin · · Score: 5, Informative

    Actually Apple DOES warn you, via the GPS icon in the top menu bar. In Settings, you can disable Location services for any specific app and see if it's accessed your location in the last 24 hours.