RSS

Search Engine

Tuesday, May 31, 2011

Malicious apps removed from Android Market

Google has removed from the official Android Market about two dozen apps found to contain malware that can compromise data, mobile security firm Lookout is warning.

Between 30,000 and 120,000 Android devices may have been affected, Lookout said.

"This weekend, multiple applications available in the official Android Market were found to contain malware that can compromise a significant amount of personal data," the company said in a blog post late last night. "Likely created by the same developers who brought DroidDream to market back in March, more than 25 applications were found to be infected with a stripped down version of DroidDream we're calling 'Droid Dream Light' (DDLight)."

Google removed 58 malicious apps from the market in March and remotely removed the apps from the devices they'd been downloaded to.

Google representatives did not immediately respond to e-mails seeking comment early today.

The problem was reported to Lookout by a developer who found that modified versions of his app and another developer's app were being distributed in the Android Market. Lookout confirmed that malicious code was inserted into the apps and identified markers that linked the code with DroidDream samples.

"We discovered 24 additional apps re-packaged and re-distributed with the malicious payload across a total of 4 different developer accounts," Lookout said.

Apps containing DDLight have been available for download from the official Android Market. Anyone who has downloaded the apps listed below may be affected. If you have downloaded these apps, contact support@mylookout.com for help in removing them.

The list of infected applications includes:

Magic Photo Studio
• Sexy Girls: Hot Japanese
• Sexy Legs
• HOT Girls 4
• Beauty Breasts
• Sex Sound
• Sex Sound: Japanese
• HOT Girls 1
• HOT Girls 2
• HOT Girls 3

Mango Studio
• Floating Image Free
• System Monitor
• Super StopWatch and Timer
• System Info Manager

E.T. Team
• Call End Vibrate

BeeGoo
• Quick Photo Grid
• Delete Contacts
• Quick Uninstaller
• Contact Master
• Brightness Settings
• Volume Manager
• Super Photo Enhance
• Super Color Flashlight
• Paint Master

Because malicious components of DDLight are invoked on receipt of a android.intent.action.PHONE_STATE intent (for example, an incoming voice call), DDLight is not dependent on manual launch of the installed application to trigger its behavior, Lookout said.

"The broadcast receiver immediately launches the .lightdd.CoreService which contacts remote servers and supplies the IMEI, IMSI, Model, SDK Version and information about installed packages," the company said. "It appears that the DDLight is also capable of downloading and prompting installation of new packages, though unlike its predecessors it is not capable of doing so without user intervention."

Lookout users are already protected. According to Lookout, all Android users should:

• Download apps only from trusted sources and reputable app markets. Examine the developer name, reviews, and star ratings.

• Always check the permissions that an app requests. Make sure the permissions an app requests match the app's features.

• Be alert for abnormal behavior on your phone that could signal an infection, such as unusual SMS or network activity.

• Use a mobile security app that scans every app you download.

1 comments:

Power of love said...

Let`s write that letter we thought of writing "one of these days Tibia Gold, just because someone doesn't love you the way you want them to, doesn't mean they don't love you with all they have Tibia coins, don't waste your time on a man/woman, who isn't willing to waste their time on you sro gold.

Life is like a hot bath. It feels good while you're in it, but the longer you stay in, the more wrinkled you get rs gold, Life is too short to wake up in the morning with regrets. So, love the people who treat you right and forget about the ones who do not Runescape Gold, In the Orient young bulls are tested for the fight arena in a certain manner rs gold. Each is brought to the ring and allowed to attack a picador who pricks them with a lance..

Post a Comment