After several days of silence on the issue, Google has confirmed that it removed several malicious apps from its Android Market earlier this week and said that it would remove the apps from users' devices as well.
Only devices running an Android version earlier than version 2.2.2 were susceptible to the rogue apps, which took advantage of known vulnerabilities, the Internet giant reported late last night in the Google Mobile blog. The company believes the only information accessed by the apps were the unique codes used to identify the the specific device and the version of Android that it was running.
Fifty-eight malicious apps were identified and removed Tuesday but not before they were downloaded to about 260,000 devices. Google said it would use a kill switch to remotely remove the apps from users' devices and push an Android security update to affected users to repair the damage done by the apps. Affected users can expect to receive an e-mail from Android Market support explaining the action, Google said.
The developer accounts associated with the apps were suspended and law enforcement officials were contacted, Google said.
Earlier this week, a Reddit user discovered that pirated versions of legitimate apps on the Android Market were infected by a Trojan called DroidDream, which uses a root exploit dubbed "rageagainstthecage" to compromise a device, according to a report on enthusiast site Android Police.
The malware was described as especially virulent because it apparently not only can capture user and product information from a device but also has the ability to download more code capable of further damage.
Google representatives did not immediately respond to a request for further information or comment.
Comments