Google Removes Stolen Apps from Market

By Cindy Waxer March 02, 2011

Open your doors and you might be surprised by who – or what – walks in. That’s the lesson learned by Google, which recently had to remove publisher Myournet from its Android Market, along with its 21 trojan horse-bearing apps.

According to Android Police, Myournet and its ill-intentioned programmers borrowed pre-existing apps from fellow developers, inserted them with malicious code and then repackaged those apps as its own releases. The malware is capable of stealing all of the infected device’s data.

Reads a recent Android Police blog posting: “I asked our resident hacker to take a look at the code himself, and he’s verified it does indeed root the user’s device via rageagainstthecage or exploid. But that’s just the tip of the iceberg: it does more than just yank IMEI and IMSI. There’s another APK hidden inside the code, and it steals nearly everything it can: product ID, model, partner (provider?), language, country, and userID. But that’s all child’s play; the true pièce de résistance is that it has the ability to download more code. In other words, there’s no way to know what the app does after it’s installed, and the possibilities are nearly endless.”

Upon receiving notification from Android Police, Google immediately pulled the dangerous apps from its Android Market. However, the damage had already been done: nearly 200,000 downloads have been completed over the past four days.

Earlier this month, TechZone360.com reported Google’s unveiling of its Android Market Web store, which is the new version of its Android operating software, Honeycomb. Previously only accessible through use of an Android smartphone, you can now go to the Android Market site through a Web browser with other devices, including desktop computers, laptops, or tablets.

After logging into the site and signing in to your Google account, you can search through over 200,000- apps on the official Android Market, making app purchases through your browser. After purchasing, the apps will be installed directly to the desired smartphone device, using your choice of either WiFi or 3G connectivity.

Simply stated, you are still required to have an Android device to run the apps, but now you can download them to your device using a browser.




Edited by Tammy Wolf

TechZone360 Contributing Editor

SHARE THIS ARTICLE
Related Articles

GENBAND & Sonus Go Dutch for Merger

By: Maurice Nagle    5/23/2017

Mergers and acquisitions are the norm in business. However, it's not every day that two major cloud communications players with highly complementary o…

Read More

The Killer App for VR: The Ability to Meet Yourself

By: Rob Enderle    5/23/2017

I was at a VR event this week, and I'm sure the speaker misspoke when he said that one of the benefits of VR is the ability to meet yourself. But the …

Read More

WannaCry Ransomware Holds Files Hostage: Best Practices to Avoid Being a Victim

By: Special Guest    5/23/2017

More than 200,000 computers in more than 150 countries were crippled by a massive ransomware attack, dubbed WannaCry, and security experts warned that…

Read More

LeoSat Secures Japanese Investment for Enterprise Broadband Satellite Network

By: Doug Mohney    5/23/2017

Another broadband satellite cloud network moved closer to reality this month, with LeoSat securing an investment from SKY Perfect JSAT (SJC) Corporati…

Read More

Organizations Can Combat WannaCry & Jaff Ransomware With Well Instrumented DNS

By: Special Guest    5/22/2017

The Infoblox Intelligence Unit observed two global malware outbreaks on Friday, May 12. Although there is no indication that the two attacks were rela…

Read More