Telecom
Author:
Mark Dixon
Tuesday, March 8, 2011
2:05 pm
Has the focus of malware attacks shifted from Windows to Android? Not completely, I’m sure. But as the Wall Street Journal reported this morning,
A major software attack on mobile phones has put pressure on Google Inc. to do more to secure its online store for smartphone applications.
The company behind the now ubiquitous Android operating system came under fire after computer-security experts last week uncovered more than 50 malicious applications that were uploaded to and distributed from Google’s Android Market. …
Google has said 58 malicious apps were uploaded to Android Market and then downloaded to around 260,000 devices before Google removed the affected apps last Tuesday evening. It isn’t clear how many users activated the applications, a Google spokesman said.
Google doesn’t employee people to evaluate and approve applications before they are posted to the Android store, but rather depends on consumers to report bad behavior. Unfortunately, that practices can allow attacks like this latest wave to compromise the integrity of downloaded apps.
The apps involved in the latest incident were corrupted versions of legitimate products from three different developers. The apps, which included Super Guitar Solo, Advanced Barcode Scanner, Bubble Shoot and dozens of others, were adulterated with a malicious code called "DroidDream" that could compromise sensitive personal data, including the IMSI number of the user’s phone, a unique identifier that carriers try to protect.
I’ll bet Google will quickly change its practices in this area. There’s nothing like a bunch of infected apps to play havoc with brand loyalty.