Slashdot Mirror

← Back to Stories (view on slashdot.org)

More Malware-Infected Apps Found In Android Market

Posted by samzenpus on from the one-bad-app-spoiling-the-barrel dept.

Trailrunner7 writes "For the third time in the last few months, Google has had to remove a slew of malware-infected apps from the Android Market and suspend some publishers. Ten Android apps in the Official Android Market are known to be infected, but many more could be victims of the Plankton Trojan. Researcher Xuxian Jiang claims that early variants of the Trojan have evaded detection for as long as two months."

11 of 195 comments (clear)

  1. How about... by Skarecrow77 · · Score: 4, Insightful

    you post a list of the infected applications in the freakin summary, so when TFA gets slashdotted, we know what the hell they were?

    I'm just saying...

  2. QC Required by Microlith · · Score: 3, Insightful

    Sooner or later Google will need to do some sort of Quality Control on their store, or they'll just keep making the Marketplace look even less trustworthy and push people to the Amazon store.

    1. Re:QC Required by tlhIngan · · Score: 3, Insightful

      We need the unsophisticated users to buy the Android phones, or there won't be any. The economy of scale has to be there. If Android phones alienate the average user, then they'll end up like the N900: kick ass, but expensive and a relative hassle to get.

      There will always be Android phones.

      However, the problem is if the perception of the Marketplace is that it's full of malware ready to steal your phone's data and cost you a fortune in long-distance and premium phone number calls, then people may shy away from downloading any app from it. (or alternative app stores for that matter, since you can't trust that they aren't sending you malware either).

      Which means to most users, Android is the phone and what it comes with - the Marketplace will simply be a "never touch" zone. Which means Android devs have a harder time.

      Heck, carriers may see this and demand that Amazon be the primary marketplace allowed on the phone as a safety measure. And if that's the case, Android devs may have to submit to Amazon's even more restrictive terms.

  3. I realize I'm going to get torn to shreds... by NitzJaaron · · Score: 4, Insightful

    ...but there's something to be said for iOS being a "closed" platform with a (mostly) strict approval process. There's a lot of controversy about apps getting blocked from the iTunes App Store, but so far there haven't been any significant outbreaks of malware/trojans like the Android platform has had. Caveat: I actively develop for both platforms, so I have no "stake" in either side. Just making a point about the open vs. closed issue in related to PII leakage risks. Let the flaming begin!

    1. Re:I realize I'm going to get torn to shreds... by vux984 · · Score: 4, Insightful

      ...but there's something to be said for iOS being a "closed" platform with a (mostly) strict approval process

      Nobody has ever really said otherwise.

      The complaints about the apple store are not that its closed. The complaint is that its the only store you are allowed to use. (both as a consumer and as a developer)

  4. Your arrogance marks YOU as the real moron by DavidinAla · · Score: 4, Insightful

    Your comment is indicative of the kind of arrogance that makes people hate so many technically proficient people. Do you even realize how arrogant you are to call people "morons" because they don't happen to have the kind of technical understanding and knowledge that we have? I'm sorry, but it's YOUR ARROGANCE that marks you as the real moron. People have different skills and knowledge. Yours (and mine) happens to be in a technical field, among others, presumably. But you have areas where you don't know anything, too. Everybody does. Just because people don't value YOUR subject area above all others doesn't mean they're morons who are "dumb users." Just as a person who doesn't want to be an auto mechanic isn't a moron when he simply wants his car to work without him futzing with it. You really need to climb down from the high horse and realize that people aren't necessarily morons just because they don't know everything about IT that we know.

  5. From TFA: by PopeRatzo · · Score: 1, Insightful

    Google has historically taken a hands-off approach to policing the Android Marketplace. It will suspend and remove suspicious or malicious applications when they're reported, but does not vet applications prior to posting them, as Apple does with its AppStore.

    Ah, that's what the story is really about. I'm surprised it took them so many paragraphs to get to their real agenda.

    localman57 has the solution. And who's to say that Google has to be the one doing the code reviewing? Why couldn't a group of Android developers get together and set up a reviewing panel that will certify apps as threat-free? Before I download an app, I can see if the reviewing panel lists it or not and have that one extra data point with which to make my decision. If the panel's work is done in a transparent manner, people would trust it and they would have a measure of safety without having to be walled inside.

    --
    You are welcome on my lawn.
    1. Re:From TFA: by localman57 · · Score: 3, Insightful
      It doesn't have to be Google. But there really needs to be a single reviewer source. Think "Underwriters Laboratories" for software. Otherwise, the malware writers just setup their own review boards, and stamp it quality. As Tommy Boy once said:

      I can take a shit in a box, and mark it guaranteed, but then all you'll have is a guaranteed box of shit.

      You (and your friends) can't be allowed to stamp your box.

      Google would be the obvious choice, though, since they have the biggest investment to lose if this all goes to hell.

  6. A few quick tips to avoiding malware by sl4shd0rk · · Score: 1, Insightful

    0) Do some research on your apps before installing
    1) Stick to open source apps whenever possible
    2) don't just click through like whack-a-mole when installing... read the perms!

    Take the same precautions on your Android phone.

    --
    Join the Slashcott! Feb 10 thru Feb 17!
  7. opibaipastbi by UmbraDei · · Score: 1, Insightful

    In case you're wondering, that's "Original poster is being an inconsiderate prick and should totally be ignored"
    > People make typos. You do too. I'll bet you a 100 dollars, euro's or whatever currency you use on that. And with spelling correction these days valid words in a wrong context are even easier to miss...

    Also, as an advance warning for possible future rants (and this may come as a shock. I suggest you find a nice and comfortable seat first before reading on):
    [SPOILER]Not everyone on the internet is a native English speaker. The 'INTER-' part might be a subtle hint for that.[/SPOILER]

  8. Two flaws in your argument by Brannon · · Score: 4, Insightful

    1. There are alternatives, you can buy an Android phone.

    2. If IOS devices made it easy to use another store, then non-technical users would be at more risk. They would get an email that said, "Hey try out this fun app" which would take them to the non-curated store, they would blindly click-through all warnings from the OS and voila, you've got a mobile experience every bit as toxic and unusable as the Windows PC experience--and you've just destroyed Apple's value proposition and their $100B market cap.

    What it really boils down to is that most of Apple's critics (a) don't care at all about non-technical users and (b) really want Apple to fail anyway so are happy to argue for Apple to adopt flexibility that would lead to financial disaster for them. Apple fundamentally disagrees on both points so you aren't going to sway them.

    But you have other options, see #1.