updated 05:40 am EST, Wed March 2, 2011
Current model leaves users vulnerable
Google has taken steps to address the rising malware problem that threatens to plague the platform. According to a report from Mashable, Google has pulled 21 apps from the Android Market that have been identified as being aimed at gaining root access to a user’s personal data. While proponents for Google’s platform often deride Apple’s iOS platform for being “closed” and for Apple’s App Store approval process, Google’s stance has seemingly left its users vulnerable to serious security threats.
In this case, the apps in question were brought to the attention of Google, who then responded by taking the apps down. All of the apps were pirated versions of popular titles and produced by a group or individual known only as Myournet. The list of apps taken down includes, Falling Down, Super Guitar Solo, Super History Eraser, Photo Editor, Super Ringtone Maker, Super Sex Positions, Hot Sexy Videos, Chess, Hilton Sex Sound, Screaming Sexy Japanese Girls, Falling Ball Dodge, Scientific Calculator, Dice Roller, Advanced Currency Converter, APP Uninstaller, Funny Paint and Spider Man plus some Chinese titles.
The news follows a warning issued by Symantec on Tuesday about a Trojan known as Android.Pjapps that is also installing itself via bootlegged apps. Kapersky issued a warning about the first trojan written in Android-native code infecting Android devices last August. It warned at the time that this could be the start of a trend as the Android OS and its ecosystem continues its expansion.
While it Google has taken a positive step in removing affected apps, its current approach of removing apps after the fact leaves users of the Android platform open to further security threats when downloading apps from the Android Market, and especially from alternative and unofficial Android app markets.
Like certain internet sites with a pornographic theme, one step Android users can take to avoid malware is to avoid apps with a pornographic or sexual theme based on some of the titles of apps affected thus far. Another step that users can take is to check user reviews before downloading applications as well.
As for currently infected phones, there is no known method for successfully removing the affected files. Mashable recommends, perhaps optimistically, that it is best for users to return their devices to carriers and exchange it for a new one.