Slashdot Mirror

← Back to Stories (view on slashdot.org)

More Malware-Infected Apps Found In Android Market

Posted by samzenpus on from the one-bad-app-spoiling-the-barrel dept.

Trailrunner7 writes "For the third time in the last few months, Google has had to remove a slew of malware-infected apps from the Android Market and suspend some publishers. Ten Android apps in the Official Android Market are known to be infected, but many more could be victims of the Plankton Trojan. Researcher Xuxian Jiang claims that early variants of the Trojan have evaded detection for as long as two months."

12 of 195 comments (clear)

  1. How about... by Skarecrow77 · · Score: 4, Insightful

    you post a list of the infected applications in the freakin summary, so when TFA gets slashdotted, we know what the hell they were?

    I'm just saying...

    1. Re:How about... by Sylak · · Score: 3, Informative

      They aren't listed in TFA either

  2. QC Required by Microlith · · Score: 3, Insightful

    Sooner or later Google will need to do some sort of Quality Control on their store, or they'll just keep making the Marketplace look even less trustworthy and push people to the Amazon store.

    1. Re:QC Required by tlhIngan · · Score: 3, Insightful

      We need the unsophisticated users to buy the Android phones, or there won't be any. The economy of scale has to be there. If Android phones alienate the average user, then they'll end up like the N900: kick ass, but expensive and a relative hassle to get.

      There will always be Android phones.

      However, the problem is if the perception of the Marketplace is that it's full of malware ready to steal your phone's data and cost you a fortune in long-distance and premium phone number calls, then people may shy away from downloading any app from it. (or alternative app stores for that matter, since you can't trust that they aren't sending you malware either).

      Which means to most users, Android is the phone and what it comes with - the Marketplace will simply be a "never touch" zone. Which means Android devs have a harder time.

      Heck, carriers may see this and demand that Amazon be the primary marketplace allowed on the phone as a safety measure. And if that's the case, Android devs may have to submit to Amazon's even more restrictive terms.

  3. I realize I'm going to get torn to shreds... by NitzJaaron · · Score: 4, Insightful

    ...but there's something to be said for iOS being a "closed" platform with a (mostly) strict approval process. There's a lot of controversy about apps getting blocked from the iTunes App Store, but so far there haven't been any significant outbreaks of malware/trojans like the Android platform has had. Caveat: I actively develop for both platforms, so I have no "stake" in either side. Just making a point about the open vs. closed issue in related to PII leakage risks. Let the flaming begin!

    1. Re:I realize I'm going to get torn to shreds... by vux984 · · Score: 4, Insightful

      ...but there's something to be said for iOS being a "closed" platform with a (mostly) strict approval process

      Nobody has ever really said otherwise.

      The complaints about the apple store are not that its closed. The complaint is that its the only store you are allowed to use. (both as a consumer and as a developer)

  4. What the by vajorie · · Score: 4, Informative

    Why do you not link to the original article?!

  5. 15 Seconds Quality Time with Google... by idontgno · · Score: 3, Informative

    turns up Sophos' analysis of this "Plankton" malware.

    The sample of the EULA associated with the malware app (yes, malware EULAs) lists "Angry Bird Cheater" by name, so there's one of the candidates. Also, quoting the article:

    The code suggests that it is a platform, but it does not disclose its purpose. Descriptions of the apps pulled from the Android Market contain the text:

    This application is brought to you free sponsored by Choopcheec Platform. It adds a search shortcut on the home screen or application screen.

    So, "Choopcheec" seems to be a common codeword for the apps. Whatever that is.

    --
    Welcome to the Panopticon. Used to be a prison, now it's your home.
  6. Re:Same as for regular computers by idontgno · · Score: 4, Funny

    Good point. I usually prefer Panaphonic products, especially since I'm boycotting Sorny and generally unhappy with the product quality from Magnetbox.

    --
    Welcome to the Panopticon. Used to be a prison, now it's your home.
  7. Your arrogance marks YOU as the real moron by DavidinAla · · Score: 4, Insightful

    Your comment is indicative of the kind of arrogance that makes people hate so many technically proficient people. Do you even realize how arrogant you are to call people "morons" because they don't happen to have the kind of technical understanding and knowledge that we have? I'm sorry, but it's YOUR ARROGANCE that marks you as the real moron. People have different skills and knowledge. Yours (and mine) happens to be in a technical field, among others, presumably. But you have areas where you don't know anything, too. Everybody does. Just because people don't value YOUR subject area above all others doesn't mean they're morons who are "dumb users." Just as a person who doesn't want to be an auto mechanic isn't a moron when he simply wants his car to work without him futzing with it. You really need to climb down from the high horse and realize that people aren't necessarily morons just because they don't know everything about IT that we know.

  8. Re:From TFA: by localman57 · · Score: 3, Insightful
    It doesn't have to be Google. But there really needs to be a single reviewer source. Think "Underwriters Laboratories" for software. Otherwise, the malware writers just setup their own review boards, and stamp it quality. As Tommy Boy once said:

    I can take a shit in a box, and mark it guaranteed, but then all you'll have is a guaranteed box of shit.

    You (and your friends) can't be allowed to stamp your box.

    Google would be the obvious choice, though, since they have the biggest investment to lose if this all goes to hell.

  9. Two flaws in your argument by Brannon · · Score: 4, Insightful

    1. There are alternatives, you can buy an Android phone.

    2. If IOS devices made it easy to use another store, then non-technical users would be at more risk. They would get an email that said, "Hey try out this fun app" which would take them to the non-curated store, they would blindly click-through all warnings from the OS and voila, you've got a mobile experience every bit as toxic and unusable as the Windows PC experience--and you've just destroyed Apple's value proposition and their $100B market cap.

    What it really boils down to is that most of Apple's critics (a) don't care at all about non-technical users and (b) really want Apple to fail anyway so are happy to argue for Apple to adopt flexibility that would lead to financial disaster for them. Apple fundamentally disagrees on both points so you aren't going to sway them.

    But you have other options, see #1.