Earlier this month (March) I reported that Android Market had been the victim of cyber criminals. The cyber criminals had targeted the Android Market with rootkit/malware (DroidDream Trojan) embedded in third-party apps. The hackers developed malicious code that allowed them to use the ‘open source community’ to deliver their rootkit payload.
Nearly 60 malicious Android apps had been uploaded to Android Market and, according to estimates on the Web, some 300,000 devices (that is one hell of a lot of devices) had been infected with these apps. For hackers to target the root level of the Android device is a new attack vector – made easier by the lack of source code control (unlike Apple) over apps uploaded to the Android Market.
The rootkit appears to have stolen device-specific information, i.e. the IMEI number, but no personal or account information had been stolen. Having root access to the Android OS is a major worry for Google and its mobile user base. Google is going to roll out a special remote kill function that allows them (not you! – yikes!), without user action, to remove malicious apps from an infected Android device. BlackBerry already have this functionality but the user controls this function, rather than BlackBerry. Google is being too intrusive for me here. The user should have control, not Google, Android or a third-party app developer.
What about the gaping security hole that allows apps access to Android root? Well, currently the flaw cannot be patched automatically (why can't Google distribute system security updates?) because the flaw exists at system level in 2.2.1 and lower versions, so a system upgrade would be required – and guess what, it's not Google's responsibility to do this; it's down to the mobile phone carriers and hardware manufacturers!
Talk about shifting responsibility. So what is Google going to do about the continuing problem of rogue apps being promoted on its Android Market? I'd suggest Google seriously considers implementing Apple's app policy on all versions for now and rectifies, right away, the issue surrounding distribution of security updates.
Safe surfing, Android users!